Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Attention: The Community will be in read-only mode on 12/14/2017 from 12:00 am pacific to 11:30 am.

During this time you will only be able to see content. Other interactions such as posting, replying to questions, or marking content as helpful will be disabled for few hours.

We apologize for the inconvenience while we perform important updates to the Community.

New Member

pix and access-list

Hello,everyone:

I have a question : How many access-lists can apply to a pix interface? I know that a router interface can only apply one access-list to it in one direction(in or out).

3 REPLIES
New Member

Re: pix and access-list

You can only apply one access-list with access-group command to a particular interface. The access list is always applied in the "in" direction to the interface.

Router can have two IP access lists applied to the interface simultaneously - one "in" and one "out".

ROK

New Member

Re: pix and access-list

The doc said that access-list can replace conduit command .In the pix I can use many conduit command, If I can only use one access-list ,there will be not convenience? Because if I edit one item in the access-list, I should edit the whole access-list?

New Member

Re: pix and access-list

>The doc said that access-list can replace conduit command

It can.

>In the pix I can use many conduit command, If I can only use one

>access-list ,there will be not convenience? Because if I edit one item

>in the access-list, I should edit the whole access-list?

An access-list can have many rules (especially now w/ 6.2 and Turbo ACLs).

You can delete any line from access-list, but can only append to it, so, yes,

you can have situation where you replace entire ACL with different one (the

same procedure as in IOS routers - actually, PIX's ACLs behave like IOS

named ACLs).

ROK

106
Views
0
Helpful
3
Replies
CreatePlease to create content