cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
165
Views
0
Helpful
1
Replies

ACL for Access-Router

druch
Level 1
Level 1

We have serveral Cisco 3640 routers in use. Each router has 2 PRI interfaces for ISDN & analog (digital modems) for dial-in connections. Because we only allow VPN connections from the remote-users to our network, I've to protect the access router with ACL's allowing only ESP and IPSec/IKE passing through the router. Configuring the required ACL is not the problem for me. I'd like to set the ACL's to the WAN interfaces on the Ciso 3640. I've also to mention, that we use a dialer interfce per user. My question is, if I have to set the ACL to the physical E1/PRI interface of the access router or if I have to set the ACL on each dialer interface (ip access-group xxx in). Because we have quit a lot dialer interfaces in use (>100), it would be easier to set the ACL on the E1/PRI interface, but I'm not sure if this works.

Thank's a lot for any reply.

1 Reply 1

ebreniz
Level 6
Level 6

Did you try putting interface dialers in some groups and apply the access-list all together

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco