I'm modifying the access lists on a couple of my Cisco routers
and have a question/problem I couldn't locate on the Cisco web
site.
I'm trying the approach of denying all, and then only allowing the
ports I need.
Do the access lists read from top down? i.e. put the allow statements
first, and then the deny any at the end? Can you have multiple
access lists on the same interface? Which takes precedence when
there is a conflict? Is it standard practice to have one access list
(maybe large) per interface?
Thanks,
John Monahan