About s1rm

s1rm · 08-06-2010

My goal is to be able to edit firewall exceptions "on the fly" and without having to hack an ACL. I have created a service object-group that contains exceptions to the firewall, however when I apply this object-group to the firewall ACL, it opens up ...

s1rm · 11-02-2010

No. I have not yet found a way to make this work. If you find a resolution please let us know!

s1rm · 08-06-2010

Extended IP access list FIREWALL 5 permit object-group FIREWALL-EXCEPTIONS any any log (62 matches) 500 deny ip any any (3457 matches)Service object group FIREWALL-EXCEPTIONS tcp eq 61259 tcp eq 25222The object-group shows up in the FIREWALL ...

s1rm · 08-06-2010

You're right Jon. The ACL should actually read "permit tcp any any object-group FIREWALL-EXCEPTIONS" but the device won't take the command when it's structured like that! It's really throwing me off!Maybe I've encountered a bug in the IOS?Here's the ...

Member Since	‎08-06-2010 01:03 AM
Date Last Visited	‎08-18-2017 03:53 AM
Posts	4
Total Helpful Votes Received	5

User Statistics

User Activity

Object-group entry in ACL breaks IOS firewall

Re: Object-group entry in ACL breaks IOS firewall

Re: Object-group entry in ACL breaks IOS firewall

Re: Object-group entry in ACL breaks IOS firewall