10-29-2004 01:17 PM - edited 03-05-2019 11:18 AM
Hi,
I have a very basic question about the differences beween ACL behaviour in PIX and Router.
In Router if we put an extended acl entry and want to remove an mid entry then either we have to clear the entire ACL or remove the entries all the below.
Whereas in case of PIX we can remove any of the entry.
Why this difference is there.
Would appreciate your quick answers.
Thanks
Irshad
10-30-2004 03:39 AM
The PIX OS is designed such a way. Anyway, even in routers you can remove a mid entry by configuring named access-lists. You need not clear the entire ACL in this case.
ip access-list extended ROUTER-ACL
permit ip host x.x.x.x host y.y.y.y any
11-07-2004 03:55 AM
I think its totaly Depend on IOS feature casue Router IOS is not capabel to do this and in PIX we some specialize and advance feature in PIX IOS thats why u can remove any of the entry in PIX ACL.
11-29-2004 02:25 AM
you can remove part of the acces-list statement using named access list. Since PIX is completely used for security more features like this is used
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide