Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

TCP Intercept and ACL's

I have an access-list established already, but I would like to add TCP intercept on this router. It would only filter on one network (range). Basically my DMZ. Do I add the statement "access-list xxx permit tcp any (network host section) to my established access-list or do I create a new one? I imagine that this staement would follow all my deny statements and before my "ip any any" command. Is this correct?

2 REPLIES
New Member

Re: TCP Intercept and ACL's

New Member

Re: TCP Intercept and ACL's

Thanks for the information. But I think my problem is applying 2 ACL's to one interface. Both would have to be TCP, thats why I ask where do I put the explicit line for the intercept command that will be applied to the Serial /0 interface. Will it read all the lines, ignoring all except the one meant for it? I am generating part of my access list dynamically from an IDS (NetRanger) and some parts are permanent.

236
Views
0
Helpful
2
Replies