Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

router ACL

I am confused with the access-list requirement for IPS.

IPS device will create dynamically generated ACL to the router in the event that a signature is triggered. It requires an existing access-list defined as Pre-block access list and an existing access-list defined as post-block access list.

Does this mean that I need to set up at least 3 access-list on my router, one for normal use that is applied to the interface, another one to be defined as pre-block access-list on IPS device and a third one to be defined as post-block access-list on the IPS device?

Thanks

2 REPLIES
Silver

Re: router ACL

Could you specify what device you are using and its configuration?

New Member

Re: router ACL

The router is a 2600 and ips is 4215. Currently I only have one set of access-list. That's why I don't understand how I can have a pre and a post access-list to be used by the IPS device.

225
Views
0
Helpful
2
Replies
CreatePlease login to create content