
router ACL

eppiet
Level 1

I am confused with the access-list requirement for IPS.

The IPS device will create a dynamically generated ACL on the router in the event that a signature is triggered. It requires an existing access-list defined as the pre-block access-list and an existing access-list defined as the post-block access-list.

Does this mean that I need to set up at least 3 access-lists on my router: one for normal use that is applied to the interface, another one to be defined as the pre-block access-list on the IPS device, and a third one to be defined as the post-block access-list on the IPS device?

Thanks

2 Replies

owillins
Level 6

Could you specify what device you are using and its configuration?

The router is a 2600 and the IPS is a 4215. Currently I only have one set of access-lists. That's why I don't understand how I can have a pre and a post access-list to be used by the IPS device.