cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
19997
Views
8
Helpful
4
Replies

sl_def_acl ?

m.pizzi
Level 1
Level 1

Hi to all,

Does anyone knows what is this access list (sl_def_acl) ?

I've found it making a "sh accces-list" command on a 837 Cisco router (IOS Version 12.3(4)).

It seems to be taken in consideration if applied with the inspection command.

There is a way in order to remove it?

Thanks for your precious attention.

1 Accepted Solution

Accepted Solutions

owillins
Level 6
Level 6

This is the "Secure Login Default ACL". This access list is not applied on any of the interfaces and this is a new security feature added to the latest version of IOS. If a brute force attack is launched against the router, it can be configured to apply this ACL to the VTY,AUX & CON lines to prevent access after a configured amount of failed login attempts.

The link that describes it's use is

http://www.cisco.com/en/US/products/sw/iosswrel/ps5207/products_feature_guide09186a00801d1cb3.html

Since this is a part of the IOS, guess the only way to remove it would be to change the IOS running on your router to 12.2. But I don't see any need to do this if it does not affect the router.

View solution in original post

4 Replies 4

owillins
Level 6
Level 6

This is the "Secure Login Default ACL". This access list is not applied on any of the interfaces and this is a new security feature added to the latest version of IOS. If a brute force attack is launched against the router, it can be configured to apply this ACL to the VTY,AUX & CON lines to prevent access after a configured amount of failed login attempts.

The link that describes it's use is

http://www.cisco.com/en/US/products/sw/iosswrel/ps5207/products_feature_guide09186a00801d1cb3.html

Since this is a part of the IOS, guess the only way to remove it would be to change the IOS running on your router to 12.2. But I don't see any need to do this if it does not affect the router.

Thanks a lot for your reply.

The link is broken

Considering that the link goes back to at least 2004 I am not surprised that it no longer works. Here is a link that mentions that acl. I hope you find it helpful

https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/sec_usr_cfg/configuration/xe-3s/sec-usr-cfg-xe-3s-book/sec-login-enhance.html

 

HTH

 

Rick

HTH

Rick