RE: [fw-wiz] Cisco acls
From: Luke Butcher (Luke.Butcher_at_alphawest.com.au)
Date: 03/06/05
- Previous message: Luca Berra: "Re: [fw-wiz] Cisco acls"
- Maybe in reply to: Eric Appelboom: "[fw-wiz] Cisco acls"
- Next in thread: Andrew Yourtchenko: "RE: [fw-wiz] Cisco acls"
- Reply: Andrew Yourtchenko: "RE: [fw-wiz] Cisco acls"
To: "Eric Appelboom" <eric@mweb.com>
Date: Mon, 7 Mar 2005 08:32:55 +1100
Excuse my incoherent ramblings; you can't do access-list editing by line
number on a router. I was thinking of the PIX OS.
I return you to your usual programming now.
Luke Butcher
Network/Security Consultant
-----Original Message-----
From: Luke Butcher
Sent: Friday, 4 March 2005 9:33 AM
To: Eric Appelboom
Cc: firewall-wizards@honor.icsalabs.com
Subject: RE: [fw-wiz] Cisco acls
In my experience, I've only used ACLs on a router as a broad filter,
block 10.* 192.168.* type stuff. Usually at the border router or
similar. Behind this is then some sort of firewall to do the real
filtering.
As for how to, in the bad old days I always had a text file that
contained the no access-group in, no access-list, etc. so you'd just
edit the text file then copy and paste.
These days it's much easier to use named access-lists and cut and paste
rules by line numbers on a Cisco. Also for the reasons you pointed out,
there'd be no access-list on a router while there was no ACL.
_______________________________________________
firewall-wizards mailing list
firewall-wizards@honor.icsalabs.com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards