I am configuring a k9-4235 to create ACLs on one of the internal 6513s.
I am confused about the user IDs that are referenced on the HTML configuration page configuration/blocking. Why use the enable password? Should you not create a user ID that can only do ACLs? Is that what the second password and user ID entries are for?
Also I'm confused about the wording of Pre-Block ACL Name and Post-Block ACL Name.
Has anyone used the k9 to block on a 6513 using ACLs?
Well, if you don't have any AAA configured on your 6513, then you would telnet to the blade using the enable password. Similarly, when the sensor tries to telnet to the blade to write the ACLs, it will telnet using the enable password. However, if you do configure AAA on the switch, then you would require the username and password.
2) What is Pre-Block ACL
The ACLs to be applied before placing the block ACLs. For example, say you had an ACL that said:
access-list 101 permit tcp host 10.1.1.1 any
Then, if you wanted to apply this ACL before you applied the block ACLs, you would specify the ACL name, that is, 101, to be applied.
The post ACL works in the same manner; the only difference is that it will be applied after the block commands.
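The ordering described in the answer above, as an added example that is not part of the original posts and is not the sensor's own code: it concatenates pre-block entries, block denies and post-block entries, then evaluates them first-match to show that a host permitted in the pre-block ACL is never affected by a later block. The entries match on source address only, and the post-block ACL, the blocked hosts and ACL number 150 are constructed placeholders.

```python
import ipaddress

# Constructed sample entries: (action, source network). Real ACL lines also
# carry protocol, destination and ports; this model matches on source only.
PRE_BLOCK = [("permit", "10.1.1.1/32")]      # ACL 101 from the answer, simplified
POST_BLOCK = [("permit", "0.0.0.0/0")]       # hypothetical post-block ACL
BLOCKED_HOSTS = ["10.1.1.1", "192.0.2.50"]   # constructed block requests


def compose_acl(pre_block, blocked_hosts, post_block):
    """Return entries in the order described: pre-block, block denies, post-block."""
    denies = [("deny", f"{host}/32") for host in blocked_hosts]
    return list(pre_block) + denies + list(post_block)


def evaluate(acl, source_ip):
    """First matching entry wins; no match falls through to the implicit deny."""
    addr = ipaddress.ip_address(source_ip)
    for action, network in acl:
        if addr in ipaddress.ip_network(network):
            return action
    return "deny"


def render(acl, number=150):
    """Render the entries as IOS-style lines (ACL number 150 is a placeholder)."""
    lines = []
    for action, network in acl:
        net = ipaddress.ip_network(network)
        if net.prefixlen == 32:
            src = f"host {net.network_address}"
        elif net.prefixlen == 0:
            src = "any"
        else:
            src = f"{net.network_address} {net.hostmask}"
        lines.append(f"access-list {number} {action} ip {src} any")
    return lines


if __name__ == "__main__":
    acl = compose_acl(PRE_BLOCK, BLOCKED_HOSTS, POST_BLOCK)
    print("\n".join(render(acl)))
    for ip in ("10.1.1.1", "192.0.2.50", "198.51.100.7"):
        print(ip, "->", evaluate(acl, ip))
```

With an empty post-block list, unblocked traffic falls through to the implicit deny in this model, which is why the post-block entries matter as much as the pre-block ones.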