02-24-2008 01:58 PM
I am confused with the access-list requirement for IPS.
IPS device will create dynamically generated ACL to the router in the event that a signature is triggered. It requires an existing access-list defined as Pre-block access list and an existing access-list defined as post-block access list.
Does this mean that I need to set up at least 3 access-list on my router, one for normal use that is applied to the interface, another one to be defined as pre-block access-list on IPS device and a third one to be defined as post-block access-list on the IPS device?
Thanks
02-29-2008 07:32 AM
Could you specify what device you are using and its configuration?
02-29-2008 09:39 AM
The router is a 2600 and ips is 4215. Currently I only have one set of access-list. That's why I don't understand how I can have a pre and a post access-list to be used by the IPS device.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide