Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
234
Views
0
Helpful
1
Replies

ACL VMS

d.rocco
Level 1
Level 1

‎07-29-2004 02:33 AM - edited ‎03-02-2019 05:23 PM

Hi,

I'm using The VMS with MC Pix Firewall 1.3.1 for the management of a service provider's pix firewall.

At the end of every ACL i put the following access rule for see how deny match there are:

access-list acl_mdc_dmz1_access deny ip any any.

The problem is when i do the deployment of config:

the generete config is this:

access-list acl_mdc_dmz1_access deny ip any 0.0.0.0 248.0.0.0 log default

access-list acl_mdc_dmz1_access deny ip any 8.0.0.0 254.0.0.0 log default

access-list acl_mdc_dmz1_access deny ip any 10.0.0.0 255.224.0.0 log default

access-list acl_mdc_dmz1_access deny ip any 10.32.0.0 255.252.0.0 log default

access-list acl_mdc_dmz1_access deny ip any 10.36.0.0 255.254.0.0 log default

access-list acl_mdc_dmz1_access deny ip any 10.38.0.0 255.255.0.0 log default

access-list acl_mdc_dmz1_access deny ip any 10.39.0.0 255.255.248.0 log default

.......................

access-list acl_mdc_dmz1_access deny ip 192.170.0.0 255.254.0.0 10.39.8.0 255.255.252.0 log default

access-list acl_mdc_dmz1_access deny ip 192.172.0.0 255.252.0.0 10.39.8.0 255.255.252.0 log default

access-list acl_mdc_dmz1_access deny ip 192.176.0.0 255.240.0.0 10.39.8.0 255.255.252.0 log default

access-list acl_mdc_dmz1_access deny ip 192.192.0.0 255.192.0.0 10.39.8.0 255.255.252.0 log default

access-list acl_mdc_dmz1_access deny ip 193.0.0.0 255.0.0.0 10.39.8.0 255.255.252.0 log default

access-list acl_mdc_dmz1_access deny ip 194.0.0.0 254.0.0.0 10.39.8.0 255.255.252.0 log default

access-list acl_mdc_dmz1_access deny ip 196.0.0.0 252.0.0.0 10.39.8.0 255.255.252.0 log default

access-list acl_mdc_dmz1_access deny ip 200.0.0.0 248.0.0.0 10.39.8.0 255.255.252.0 log default

access-list acl_mdc_dmz1_access deny ip 208.0.0.0 240.0.0.0 10.39.8.0 255.255.252.0 log default

access-list acl_mdc_dmz1_access deny ip 224.0.0.0 224.0.0.0 10.39.8.0 255.255.252.0 log default

I don't understand why this happen.

Thank's to all

Diego

Labels:
0 Helpful
1 Reply 1

afakhan
Level 4
Level 4

‎08-09-2004 12:22 PM

Hi Diego,

This doesn't seem to make much sense, please provide us details abt your scenario, screen shots of the rules that you're putting in, and the PIX FW config.

thanks,

Afaq

0 Helpful
Customers Also Viewed These Support Documents