No..you can't apply any configs to bri sub interface. Two bri channels will inherit the configs from interface bri0.
Now speaking on ACL inbound, will deny all the traffic from out to in. so Any reply from internet (like TCP SYN/ACK or any IP) will be blocked. So in other words you can't access the internet with this acl.
You need to know what kind of traffic you need to block and allow. So i would say "allow what you need to allow first and block the rest".
I wish to only allow traffic which is in response to something which originated from one of my machines, and block everything else - how is that done? I have a range of 32 IP addresses on my network - do I need to use them as the source in the allow? Is it possible to allow a range, or do I have to explicity allow each of the 32 addresses?
You may be doing nat on outside interface right? You can use something like this to tcp port 23 (telnet), http port 80 from inernet, along with ip traffic. You need to create your own.
access-list 101 permit tcp any 10.1.1.0 0.0.0.255 eq 23 established
access-list 101 permit tcp any 10.1.1.0 0.0.0.255 eq 80 established
You need to use "established" keyword with the permit command. The established keyword filters TCP packets based on whether the ACK or RST bits are set. (Set ACK or RST bits indicate that the packet is not the first in the session, and therefore, that the packet belongs to an established session.) It will permit the TCP replies from internet to router for the connection originated from router.
We are pleased to announce availability of Beta software for 16.6.3.
16.6.3 will be the second rebuild on the 16.6 release train targeted
towards Catalyst 9500/9400/9300/3850/3650 switching platforms. We are
looking for early feedback from customers befor...
Introduction Featured Speakers Luis Espejel is the Telecommunications
Manager of IENova, an Oil & Gas company. Currently he works with Cisco
IOS® and Cisco IOS XE platforms, and NX to some extent. He has also
worked as a Senior Engineer with the Routing P...
In this session you can learn more about Layer 3 multicast and the best
practices to identify possible threats and take security measures. It
provides an overview of basic multicast, the best security practices for
use of this technology, and recommendati...