https://community.cisco.com/t5/wireless/acl-impact-on-security-vulnerability/m-p/4623350#M242823 <P>Hi</P> <P>&nbsp;How can you expect any change if you are allowing everyting to access your WLC ?&nbsp; This ACL and nothing is the same thing.&nbsp;</P> <P>Define an specific network from where you can access you WLC and permit only this network. Deny everything else.</P> Thu, 02 Jun 2022 14:07:22 GMT Flavio Miranda 2022-06-02T14:07:22Z https://community.cisco.com/t5/wireless/acl-impact-on-security-vulnerability/m-p/4623333#M242820 <P>Hi CPU ACL are configured at wlc 3504 to remediate security vulnerability. We cannot find the difference between before and after making the config change. The ACLs are listed as below where ip address 10.10.10.20 is the wlc management interface. Anyone can share some experience or suggestions? Thank you</P><P>&nbsp;</P><P>&nbsp;</P><P>&nbsp;</P><P><FONT size="2">(Cisco Controller) &gt;show ACL detailed CACL</FONT></P><P><FONT size="2">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Source&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Destination&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Source Port&nbsp; Dest Port</FONT></P><P><FONT size="2">Index&nbsp; Dir&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; IP Address/Netmask&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; IP Address/Netmask&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Prot&nbsp;&nbsp;&nbsp; Range&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Range&nbsp;&nbsp;&nbsp; DSCP&nbsp; Action&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Counter</FONT></P><P><FONT size="2">------ --- ------------------------------- ------------------------------- ---- ----------- ----------- ----- ------- -----------</FONT></P><P><FONT size="2">&nbsp;&nbsp;&nbsp;&nbsp; 1 Any&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 0.0.0.0/0.0.0.0&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 0.0.0.0/0.0.0.0&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 17 12124-12125&nbsp;&nbsp;&nbsp;&nbsp; 0-65535&nbsp; Any Permit&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 0</FONT></P><P><FONT size="2">&nbsp;&nbsp;&nbsp;&nbsp; 2 Any&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp;0.0.0.0/0.0.0.0&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 0.0.0.0/0.0.0.0&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 17&nbsp;&nbsp;&nbsp;&nbsp; 0-65535 12124-12125&nbsp; Any Permit&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 0</FONT></P><P><FONT size="2">&nbsp;&nbsp;&nbsp;&nbsp; 3 Any&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 0.0.0.0/0.0.0.0&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 0.0.0.0/0.0.0.0&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 17 12134-12135&nbsp;&nbsp;&nbsp;&nbsp; 0-65535&nbsp; Any Permit&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 0</FONT></P><P><FONT size="2">&nbsp;&nbsp;&nbsp;&nbsp; 4 Any&nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;0.0.0.0/0.0.0.0&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 0.0.0.0/0.0.0.0&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 17&nbsp;&nbsp;&nbsp;&nbsp; 0-65535 12134-12135&nbsp; Any Permit&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 0</FONT></P><P><FONT size="2">&nbsp;&nbsp;&nbsp;&nbsp; 5&nbsp; In&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 0.0.0.0/0.0.0.0&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 10.10.10.20/255.255.255.255&nbsp;&nbsp;&nbsp; 6&nbsp;&nbsp;&nbsp;&nbsp; 0-65535&nbsp;&nbsp; 443-443&nbsp;&nbsp;&nbsp; Any Permit&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 0</FONT></P><P><FONT size="2">&nbsp;&nbsp;&nbsp;&nbsp; 6 Out&nbsp; &nbsp;&nbsp;&nbsp;&nbsp;10.10.10.20/255.255.255.255&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 0.0.0.0/0.0.0.0&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 6&nbsp;&nbsp; 443-443&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 0-65535&nbsp; Any Permit&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 0</FONT></P><P>&nbsp;</P><P>&nbsp;</P> Thu, 02 Jun 2022 13:56:09 GMT https://community.cisco.com/t5/wireless/acl-impact-on-security-vulnerability/m-p/4623333#M242820 Leftz 2022-06-02T13:56:09Z https://community.cisco.com/t5/wireless/acl-impact-on-security-vulnerability/m-p/4623338#M242821 <P>please see my below comment</P> Thu, 02 Jun 2022 15:36:29 GMT https://community.cisco.com/t5/wireless/acl-impact-on-security-vulnerability/m-p/4623338#M242821 MHM Cisco World 2022-06-02T15:36:29Z https://community.cisco.com/t5/wireless/acl-impact-on-security-vulnerability/m-p/4623350#M242823 <P>Hi</P> <P>&nbsp;How can you expect any change if you are allowing everyting to access your WLC ?&nbsp; This ACL and nothing is the same thing.&nbsp;</P> <P>Define an specific network from where you can access you WLC and permit only this network. Deny everything else.</P> Thu, 02 Jun 2022 14:07:22 GMT https://community.cisco.com/t5/wireless/acl-impact-on-security-vulnerability/m-p/4623350#M242823 Flavio Miranda 2022-06-02T14:07:22Z https://community.cisco.com/t5/wireless/acl-impact-on-security-vulnerability/m-p/4623353#M242824 <P>Thank you very much for your nice reply!&nbsp;</P><P>&nbsp;</P><P><a href="https://community.cisco.com/t5/user/viewprofilepage/user-id/1065752">@MHM Cisco World</a>&nbsp;Yes, but it also should include Seq 2, <STRONG>4</STRONG> and 5, right?&nbsp;</P> Thu, 02 Jun 2022 14:27:57 GMT https://community.cisco.com/t5/wireless/acl-impact-on-security-vulnerability/m-p/4623353#M242824 Leftz 2022-06-02T14:27:57Z https://community.cisco.com/t5/wireless/acl-impact-on-security-vulnerability/m-p/4623374#M242826 <P>can I see exactly what you get from the WLC screen ? screenshot to make some note on it.</P><P>please see my below comment&nbsp;</P> Thu, 02 Jun 2022 15:37:33 GMT https://community.cisco.com/t5/wireless/acl-impact-on-security-vulnerability/m-p/4623374#M242826 MHM Cisco World 2022-06-02T15:37:33Z https://community.cisco.com/t5/wireless/acl-impact-on-security-vulnerability/m-p/4623418#M242827 <P>anyway&nbsp;<BR />let explain to you&nbsp;<BR />there are two&nbsp;<BR />AP/client (any ip unknown port) WLC (management interface + known port)<BR /><BR />so&nbsp;<BR /><BR />AP build tunnel to WLC this tunnel for&nbsp;<BR /><STRONG>inbound</STRONG> is&nbsp;<BR />AP/client (any ip unknown port) WLC (management interface + known port)<BR /><STRONG>Outbound</STRONG> is&nbsp;<BR />WLC (management interface + known port)&nbsp;AP/client (any ip unknown port)&nbsp;</P><P>&nbsp;</P><P>here what you mistake you config the direction <STRONG>ANY</STRONG> this make ACL never work,</P><P>and correct direction of the &nbsp;Seq 1-6 and then you can use it</P> Thu, 02 Jun 2022 15:36:05 GMT https://community.cisco.com/t5/wireless/acl-impact-on-security-vulnerability/m-p/4623418#M242827 MHM Cisco World 2022-06-02T15:36:05Z https://community.cisco.com/t5/wireless/acl-impact-on-security-vulnerability/m-p/4623576#M242836 <P>Thank you MHM.</P><P>After changing config, it can work, but client cannot access wifi. and maybe some ports still need to open. Not sure what its.&nbsp;</P><P>10.20.0.0 is source of administrator.&nbsp;</P><P>&nbsp;</P><P>(Cisco Controller) &gt;show acl detailed acl</P><P>&nbsp;</P><P>&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Source&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Destination&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Source Port&nbsp; Dest Port</P><P>Index&nbsp; Dir&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; IP Address/Netmask&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; IP Address/Netmask&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Prot&nbsp;&nbsp;&nbsp; Range&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Range&nbsp;&nbsp; &nbsp;DSCP&nbsp; Action&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Counter</P><P>------ --- ------------------------------- ------------------------------- ---- ----------- ----------- ----- --</P><P>&nbsp;&nbsp;&nbsp;&nbsp; 1 Any&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 0.0.0.0/0.0.0.0&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 0.0.0.0/0.0.0.0&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 17 12124-12125&nbsp;&nbsp;&nbsp;&nbsp; 0-65535&nbsp; Any Permit&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 0</P><P>&nbsp;&nbsp;&nbsp;&nbsp; 2 Any&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 0.0.0.0/0.0.0.0&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 0.0.0.0/0.0.0.0&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 17&nbsp;&nbsp;&nbsp;&nbsp; 0-65535 12124-12125&nbsp; Any Permit&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 0</P><P>&nbsp;&nbsp;&nbsp;&nbsp; 3 Any&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 0.0.0.0/0.0.0.0&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 0.0.0.0/0.0.0.0&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 17 12134-12135&nbsp;&nbsp;&nbsp; &nbsp;0-65535&nbsp; Any Permit&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 0</P><P>&nbsp;&nbsp;&nbsp;&nbsp; 4 Any&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 0.0.0.0/0.0.0.0&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 0.0.0.0/0.0.0.0&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 17&nbsp;&nbsp;&nbsp;&nbsp; 0-65535 12134-12135&nbsp; Any Permit&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 0</P><P>&nbsp;&nbsp;&nbsp;&nbsp; 5&nbsp; In&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 10.20.0.0/255.255.0.0&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 10.10.10.20/255.255.255.255&nbsp;&nbsp;&nbsp; 6&nbsp;&nbsp;&nbsp;&nbsp; 0-65535&nbsp; &nbsp;443-443&nbsp;&nbsp;&nbsp; Any Permit&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 0</P><P>&nbsp;&nbsp;&nbsp;&nbsp; 6 Out&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 10.10.10.20/255.255.255.255&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 10.20.0.0/255.255.0.0&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 6&nbsp;&nbsp; 443-443&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 0-65535&nbsp; Any Permit&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 0</P><P>&nbsp;</P><P>DenyCounter : 0</P><P>&nbsp;</P><P>&nbsp;</P><P>&nbsp;</P> Thu, 02 Jun 2022 20:47:58 GMT https://community.cisco.com/t5/wireless/acl-impact-on-security-vulnerability/m-p/4623576#M242836 Leftz 2022-06-02T20:47:58Z https://community.cisco.com/t5/wireless/acl-impact-on-security-vulnerability/m-p/4623598#M242838 <P>So you note about block traffic is right and that why cisco recommend deny SSH/Telnet and permit any in CPU ACL</P><P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="klklklklklklkl.png" style="width: 515px;"><img src="https://community.cisco.com/t5/image/serverpage/image-id/152672i160B06562CECA190/image-dimensions/515x305?v=v2" width="515" height="305" role="button" title="klklklklklklkl.png" alt="klklklklklklkl.png" /></span></P><P>So I make some change to you ACL&nbsp;<BR />permit SSH from only one subnet and deny SSH from any after that, finally the ACL end with permit any any to allow other port and service to access WLC.<BR /><BR /></P><TABLE cellspacing="0" cellpadding="0"><TBODY><TR><TD><P>&nbsp;</P></TD></TR><TR><TD><P><FONT face="Helvetica" size="5" color="#58585b">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Source&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Destination&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Source Port&nbsp; Dest Port</FONT></P></TD></TR><TR><TD><P><FONT face="Helvetica" size="5" color="#58585b">Index&nbsp; Dir&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; IP Address/Netmask&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; IP Address/Netmask&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Prot&nbsp;&nbsp;&nbsp; Range&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Range&nbsp;&nbsp; &nbsp;DSCP&nbsp; Action&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Counter</FONT></P></TD></TR><TR><TD><P><FONT face="Helvetica" size="5" color="#58585b">------ --- ------------------------------- ------------------------------- ---- ----------- ----------- ----- --</FONT></P></TD></TR><TR><TD><P><FONT face="Helvetica" size="5" color="#58585b">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; In&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 10.20.0.0/255.255.0.0&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 10.10.10.20/255.255.255.255&nbsp;&nbsp;&nbsp; 6&nbsp;&nbsp;&nbsp;&nbsp; 0-65535&nbsp; &nbsp;443-443&nbsp;&nbsp;&nbsp; Any Permit&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 0</FONT></P></TD></TR><TR><TD><P><FONT face="Helvetica" size="5" color="#58585b">&nbsp;&nbsp;&nbsp;&nbsp; Out&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 10.10.10.20/255.255.255.255&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 10.20.0.0/255.255.0.0&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 6&nbsp;&nbsp; 443-443&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 0-65535&nbsp; Any Permit&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 0</FONT></P></TD></TR><TR><TD><P><FONT face="Helvetica" size="5" color="#58585b">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; In&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 0.0.0.0/0.0.0.0&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 10.10.10.20/255.255.255.255&nbsp;&nbsp;&nbsp; 6&nbsp;&nbsp;&nbsp;&nbsp; 0-65535&nbsp; &nbsp;443-443&nbsp;&nbsp;&nbsp; Any </FONT><FONT face="Helvetica" size="5" color="#ff2d21"><STRONG>DENY</STRONG></FONT><FONT face="Helvetica" size="5" color="#58585b">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 0</FONT></P></TD></TR><TR><TD><P><FONT face="Helvetica" size="5" color="#58585b">&nbsp;&nbsp;&nbsp;&nbsp; Out&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 10.10.10.20/255.255.255.255&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 0.0.0.0/0.0.0.0&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 6&nbsp;&nbsp; 443-443&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 0-65535&nbsp; Any </FONT><FONT face="Helvetica" size="5" color="#ff2d21"><STRONG>DENY</STRONG></FONT><FONT face="Helvetica" size="5" color="#58585b">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 0</FONT></P></TD></TR><TR><TD><P><FONT face="Helvetica" size="5" color="#58585b">&nbsp;&nbsp;&nbsp;&nbsp; 1 Any&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 0.0.0.0/0.0.0.0&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 0.0.0.0/0.0.0.0&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 17 any&nbsp;&nbsp;&nbsp;&nbsp; any&nbsp; Any Permit&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 0</FONT></P></TD></TR></TBODY></TABLE> Thu, 02 Jun 2022 21:29:54 GMT https://community.cisco.com/t5/wireless/acl-impact-on-security-vulnerability/m-p/4623598#M242838 MHM Cisco World 2022-06-02T21:29:54Z