08-30-2007 02:46 AM - edited 03-11-2019 04:04 AM
What will happen if I delete the access list acl_outbound that is still applied to the inside interface? Will traffic stop, or will it flow freely on the PIX?
access-group acl_outbound in interface inside
Thanks in advance
08-30-2007 03:43 AM
The traffic will stop.
You need an ACL to define the IP traffic that is allowed through the interface. If you want to change the ACL completely, you could configure a new ACL (with a different name) and then use the command 'access-group NEW_ACL_NAME in interface inside' to apply it. There should be no interruption to traffic flow (assuming the new ACL is configured correctly).
08-30-2007 04:59 AM
Assuming that I did not configure the new ACL and I leave the old ACL applied on that inside interface?
What happens?
thanks
08-30-2007 05:01 AM
Already established connections do not get checked by the access-list. So, even if you remove the access-list, the existing connections will still continue to work. However, new connections may be affected depending on the traffic flow, e.g., if traffic is going from higher security to lower security, it will be permitted, but traffic from lower to higher will be blocked.
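The decision order described in the 05:01 AM reply, as an added example that is not part of the original thread and is not Cisco code: a simplified Python model in which existing connections skip the ACL, a bound ACL is evaluated first-match with an implicit deny, and an interface with no ACL falls back to security levels. The `Pix` class, the addresses, the single ACL entry and the 100/0 security levels are constructed for illustration.

```python
from dataclasses import dataclass, field

@dataclass
class Pix:
    levels: dict                                   # interface -> security level
    bound_acl: dict = field(default_factory=dict)  # interface -> inbound ACL rules
    conns: set = field(default_factory=set)        # established flows

    def decide(self, in_if, out_if, flow):
        """flow = (src, dst, dport); returns (verdict, reason)."""
        src, dst, dport = flow
        # 1. Existing connections are not re-checked against the ACL.
        if flow in self.conns:
            return "permit", "existing connection"
        acl = self.bound_acl.get(in_if)
        if acl is not None:
            # 2. ACL bound to the ingress interface: first match wins.
            for action, a_src, a_dst, a_port in acl:
                if (a_src in (src, "any") and a_dst in (dst, "any")
                        and a_port in (dport, "any")):
                    verdict, reason = action, "acl match"
                    break
            else:
                verdict, reason = "deny", "implicit deny"
        # 3. No ACL bound: the security levels of the two interfaces decide.
        elif self.levels[in_if] > self.levels[out_if]:
            verdict, reason = "permit", "higher to lower security"
        else:
            verdict, reason = "deny", "lower to higher security"
        if verdict == "permit":
            self.conns.add(flow)
        return verdict, reason

def demo():
    # Constructed sample: inside=100, outside=0, ACL permits only tcp/80.
    fw = Pix(levels={"inside": 100, "outside": 0})
    fw.bound_acl["inside"] = [("permit", "any", "any", 80)]
    web = ("10.1.1.10", "198.51.100.5", 80)
    ssh = ("10.1.1.10", "198.51.100.5", 22)
    inbound = ("198.51.100.5", "10.1.1.10", 3389)
    results = [fw.decide("inside", "outside", web),
               fw.decide("inside", "outside", ssh)]
    del fw.bound_acl["inside"]  # model: the ACL and its binding are gone
    results += [fw.decide("inside", "outside", web),
                fw.decide("inside", "outside", ssh),
                fw.decide("outside", "inside", inbound)]
    return results
```

Under this model, removing the ACL widens what new inside-to-outside connections are allowed (the port 22 flow goes from denied to permitted), which is the outcome to check for before deleting an outbound filter.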