03-01-2004 03:13 PM - edited 03-09-2019 06:36 AM
Hi to all,
Does anyone knows what is this access list (sl_def_acl) ?
I've found it making a "sh accces-list" command on a 837 Cisco router (IOS Version 12.3(4)).
It seems to be taken in consideration if applied with the inspection command.
There is a way in order to remove it?
Thanks for your precious attention.
Solved! Go to Solution.
03-05-2004 11:41 AM
This is the "Secure Login Default ACL". This access list is not applied on any of the interfaces and this is a new security feature added to the latest version of IOS. If a brute force attack is launched against the router, it can be configured to apply this ACL to the VTY,AUX & CON lines to prevent access after a configured amount of failed login attempts.
The link that describes it's use is
http://www.cisco.com/en/US/products/sw/iosswrel/ps5207/products_feature_guide09186a00801d1cb3.html
Since this is a part of the IOS, guess the only way to remove it would be to change the IOS running on your router to 12.2. But I don't see any need to do this if it does not affect the router.
03-05-2004 11:41 AM
This is the "Secure Login Default ACL". This access list is not applied on any of the interfaces and this is a new security feature added to the latest version of IOS. If a brute force attack is launched against the router, it can be configured to apply this ACL to the VTY,AUX & CON lines to prevent access after a configured amount of failed login attempts.
The link that describes it's use is
http://www.cisco.com/en/US/products/sw/iosswrel/ps5207/products_feature_guide09186a00801d1cb3.html
Since this is a part of the IOS, guess the only way to remove it would be to change the IOS running on your router to 12.2. But I don't see any need to do this if it does not affect the router.
03-05-2004 02:14 PM
Thanks a lot for your reply.
08-22-2019 11:41 AM
The link is broken
08-24-2019 03:01 PM
Considering that the link goes back to at least 2004 I am not surprised that it no longer works. Here is a link that mentions that acl. I hope you find it helpful
HTH
Rick
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: