Firewall Wizards mailing list archives

RE: Cisco acls


From: "Luke Butcher" <Luke.Butcher () alphawest com au>
Date: Mon, 7 Mar 2005 08:32:55 +1100

Excuse my incoherent ramblings; you can't do access-list editing by line
number on a router. I was thinking of the PIX OS.

I return you to your usual programming now.

Luke Butcher
Network/Security Consultant

-----Original Message-----
From: Luke Butcher 
Sent: Friday, 4 March 2005 9:33 AM
To: Eric Appelboom
Cc: firewall-wizards () honor icsalabs com
Subject: RE: [fw-wiz] Cisco acls

 
In my experience, I've only used ACLs on a router as a broad filter,
block 10.* 192.168.* type stuff. Usually at the border router or
similar. Behind this is then some sort of firewall to do the real
filtering.

As for how to, in the bad old days I always had a text file that
contained the no access-group in, no access-list, etc. so you'd just
edit the text file then copy and paste.
These days it's much easier to use named access-lists and cut and paste
rules by line numbers on a Cisco. Also for the reasons you pointed out,
there'd be no access-list on a router while there was no ACL.
_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

