RE: [fw-wiz] Cisco acls

• Previous message: Kevin: "[fw-wiz] Websense protocol Version 4?"
• Maybe in reply to: Eric Appelboom: "[fw-wiz] Cisco acls"
• Next in thread: Luke Butcher: "RE: [fw-wiz] Cisco acls"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: "Eric Appelboom" <eric@mweb.com>
Date: Fri, 4 Mar 2005 09:32:50 +1100

 
In my experience, I've only used ACLs on a router as a broad filter,
block 10.* 192.168.* type stuff. Usually at the border router or
similar. Behind this is then some sort of firewall to do the real
filtering.

As for how to , in the bad old days I always had a text file that
contained the no access-group in, no access-list, etc. so you'd just
edit the text file then copy and paste.
These days it's much easier to use named access-lists and cut and past
rules by line numbers on a Cisco. Also for the reasons you pointed out,
there'd be no access-list on a router while there was no ACL.

Hope that helps

Luke Butcher
Network/Security Consultant

-----Original Message-----
From: Eric Appelboom [mailto:eric@mweb.com]
Sent: Wednesday, 2 March 2005 2:53 AM
To: firewall-wizards@honor.icsalabs.com
Subject: [fw-wiz] Cisco acls

Hi,

I would appreciate some comments with regard to the extensive use of
cisco routers acls To protect numerous networks.

My concern is that when someone amends an access-list one generally
enters, no access-list 177 and Then pastes in the new access list. Does
this mean that for a period of time there is no protection on the
Network that the acls applies?

Best Regards
Eric

_______________________________________________
firewall-wizards mailing list
firewall-wizards@honor.icsalabs.com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

• Previous message: Kevin: "[fw-wiz] Websense protocol Version 4?"
• Maybe in reply to: Eric Appelboom: "[fw-wiz] Cisco acls"
• Next in thread: Luke Butcher: "RE: [fw-wiz] Cisco acls"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]