Beginner

download ACL which services are supported ?

Hi,

With 6.2 we can download ACLs per service (Telnet/HTTP/FTP) to authorize users to work on, but what about other services like HTTPS or SSH and special TCP port applications, are they supported also? Or is it restricted to Telnet/HTTP/FTP?

Thanks in advance for any hints on that.

JYP

4 REPLIES
Beginner

Re: download ACL which services are supported ?

Hi JYP,

If you mean downloadable ACLs in PIX 6.2 as per this link, there is no restriction on which ports you can block and allow.

http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_sw/v_62/config/mngacl.htm#1030990

Thanks

Sujit

Beginner

Re: download ACL which services are supported ?

Hi Sujit,

Thanks for your response. The customer claimed that it doesn't work with the HTTPS protocol??

JYP

Enthusiast

Re: download ACL which services are supported ?

It is true that if you use the manual CLI to define authorizations you cannot do HTTPS. You can only do HTTP, FTP, and Telnet. However, the per-user ACL download places the ACL on the interface you are authorizing on. This creates a temporary ACL on the input of that interface for that user/ip-address, which allows you to define anything you would normally define in an interface ACL.

-S

Beginner

Re: download ACL which services are supported ?

Thanks for your response. Do you have any configuration examples available for this per-user ACL?

JYP
