Ooops, my last e-mail was incorrect in my second example. I meant to say:
permit tcp any any eq 80
deny ip any any
Sorry for the confusion...
David Ishmael, CCNA, IVCP
Senior Network Management Engineer
Windward Consulting Group, Inc.
Phone: (703) 283-7564
Pager: (888) 910-7094
eFax: (425) 969-4707
Fax: (703) 351-9428
mailto:[EMAIL PROTECTED]
mailto:[EMAIL PROTECTED]
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Dave Vogler
Sent: Tuesday, May 01, 2001 9:41 AM
To: firewall discussion list
Subject: Cisco access list technique
Hi all,
I'm a bit of a newbie to my Cisco router, but I'm attempting to set up
an access list to firewall my LAN from the internet.
Is there a preferred order for my permit and deny statements? I've
heard that its best to put all your permit statements first, then your
denys.... will this affect throughput speed? Are packets substantially
slowed down because the router has to examine every one?
And if an access list implicitly denies all that are not permitted, why
even bother with deny statements?
Thanks in advance,
Dave Vogler
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
