Firewall Wizards mailing list archives

RE: Cisco acls


From: "Luke Butcher" <Luke.Butcher () alphawest com au>
Date: Fri, 4 Mar 2005 09:32:50 +1100

 
In my experience, I've only used ACLs on a router as a broad filter,
block 10.* 192.168.* type stuff. Usually at the border router or
similar. Behind this is then some sort of firewall to do the real
filtering.

As for how to, in the bad old days I always had a text file that
contained the no access-group in, no access-list, etc. so you'd just
edit the text file then copy and paste.
These days it's much easier to use named access-lists and cut and paste
rules by line numbers on a Cisco. Also for the reasons you pointed out,
there'd be no access-list on a router while there was no ACL.

Hope that helps


Luke Butcher
Network/Security Consultant

-----Original Message-----
From: Eric Appelboom [mailto:eric () mweb com] 
Sent: Wednesday, 2 March 2005 2:53 AM
To: firewall-wizards () honor icsalabs com
Subject: [fw-wiz] Cisco acls


Hi,

I would appreciate some comments with regard to the extensive use of
Cisco router ACLs to protect numerous networks.

My concern is that when someone amends an access-list one generally
enters "no access-list 177" and then pastes in the new access list. Does
this mean that for a period of time there is no protection on the
network that the ACL applies to?

Best Regards
Eric

