This is why I do all my ACL edits in notepad and completely remove and reapply them as needed. At least with the PIX OS 6.1(1) I can do line by line removes... my routers aren't so fortunate...
Wes Noonan, MCSE/MCT/CCNA/CCDA/NNCSS
Senior QA Rep.
BMC Software, Inc.
(713) 918-2412
[EMAIL PROTECTED]
http://www.bmc.com

-----Original Message-----
From: Mattias Eriksson [mailto:[EMAIL PROTECTED]]
Sent: Thursday, February 14, 2002 07:58
To: 'Rasmus Aaen'; '[EMAIL PROTECTED]'
Subject: RE: PIX newbie questions

> The access-list group for outbound connections ends with a
> "deny all" rule, which is fine. But when I added the new
> rule, it was placed under the "deny all" rule. So I had to
> remove the "deny all" rule and add it again to get the order
> right. Is it possible to specify where a new rule should be
> placed so I don't have to remove and add the "deny all" rule
> all the time?

No, but you can use the command "no access-list xxx" to remove the list and then add the complete list again.

> While telnet is probably ok when I get used to it, I've read
> in the manual that I can use a program called "PIX Firewall
> Manager (PFM)". Where can I get this. I've tried searching
> cisco.com but to no avail. Can anybody give me a hint to this?

PFM is crap. PIX Device Manager (PDM) is available for the PIX Firewall software version 6.x. In a new PIX it is already loaded into flash. You must upgrade to 6.x before you can install it.

Mattias E.

_______________________________________________
Firewalls mailing list
[EMAIL PROTECTED]
http://lists.gnac.net/mailman/listinfo/firewalls
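The remove-and-reapply workflow discussed in this thread, as an added example that is not part of the original messages: it flags rules that sit below the catch-all deny, rebuilds the list with the new rule above it, and emits the commands to paste. The ACL name `acl_out`, the sample rules, the `deny ip any any` form of the "deny all" rule and all function names are assumptions made for illustration.

```python
# Added example: rebuild a PIX-style ACL offline so the new rule sits above
# the final catch-all deny, then emit the remove-and-reapply commands.

CATCH_ALL = ("deny", "ip", "any", "any")  # assumed form of the "deny all" rule


def parse_acl(config_text, name):
    """Return the rule bodies (token tuples) of ACL `name`, in order."""
    rules = []
    for line in config_text.splitlines():
        tokens = line.split()
        if len(tokens) > 2 and tokens[0] == "access-list" and tokens[1] == name:
            rules.append(tuple(tokens[2:]))
    return rules


def shadowed_rules(rules):
    """Rules placed after a catch-all deny can never match; return them."""
    if CATCH_ALL not in rules:
        return []
    return rules[rules.index(CATCH_ALL) + 1:]


def insert_before_catch_all(rules, new_rule):
    """Return a new rule list with `new_rule` just above the catch-all deny."""
    new_rule = tuple(new_rule.split())
    kept = [r for r in rules if r != new_rule]  # drop a misplaced earlier copy
    pos = kept.index(CATCH_ALL) if CATCH_ALL in kept else len(kept)
    return kept[:pos] + [new_rule] + kept[pos:]


def reapply_commands(name, rules):
    """Commands to paste: remove the whole list, then add it back in order."""
    return [f"no access-list {name}"] + [
        f"access-list {name} {' '.join(r)}" for r in rules
    ]


# Constructed sample: the new rule landed under the "deny all" rule.
SAMPLE = """\
access-list acl_out permit tcp any any eq www
access-list acl_out deny ip any any
access-list acl_out permit tcp any any eq smtp
"""

if __name__ == "__main__":
    current = parse_acl(SAMPLE, "acl_out")
    for rule in shadowed_rules(current):
        print("never matches:", " ".join(rule))
    fixed = insert_before_catch_all(current, "permit tcp any any eq smtp")
    print("\n".join(reapply_commands("acl_out", fixed)))
```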
