    Firewall Madness

    • anthonyh

      I'm cleaning up the firewall at one of our datacenters, and I'm finding multiple instances of ACLs similar to the following:

      access-list RTSP extended deny tcp any4 any4 eq rtsp
      access-list RTSP extended deny tcp any4 host 67.113.51.34 eq rtsp
      access-list RTSP extended deny tcp host 67.113.51.34 eq rtsp any4
      access-list RTSP extended permit tcp any4 any4 eq rtsp
      access-list RTSP extended permit tcp any4 eq rtsp any4

      This is a Cisco ASA 5510. I am not, by any means, an ASA expert, but if my knowledge about ACLs is correct...the first statement in that ACL makes the remaining statements superfluous. Am I wrong?

      • Jason

        Is the ordering the same as shown? Depending on the ordering, it may be used for filtering down the statements.

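An added example, not part of either post and not Cisco tooling: a pairwise first-match coverage check over the five entries as posted, assuming the ASA evaluates them top-down in the order shown. It parses only the syntax that appears in the thread (`any4`, `host`, `eq`); the names `Ace`, `parse_ace`, `covers` and `audit` are hypothetical.

```python
from typing import NamedTuple, Optional

# The five entries as posted in the thread, in the order shown.
ACL = """\
access-list RTSP extended deny tcp any4 any4 eq rtsp
access-list RTSP extended deny tcp any4 host 67.113.51.34 eq rtsp
access-list RTSP extended deny tcp host 67.113.51.34 eq rtsp any4
access-list RTSP extended permit tcp any4 any4 eq rtsp
access-list RTSP extended permit tcp any4 eq rtsp any4
"""

class Ace(NamedTuple):
    action: str
    proto: str
    src: str               # "any4" or a host address
    sport: Optional[str]   # None = any source port
    dst: str
    dport: Optional[str]   # None = any destination port

def parse_ace(line: str) -> Ace:
    """Parse only the syntax seen above: any4 | host A, optionally followed by eq PORT."""
    tok = line.split()
    if len(tok) < 7 or tok[0] != "access-list" or tok[2] != "extended":
        raise ValueError(f"unsupported entry: {line!r}")
    rest = tok[5:]
    def endpoint():
        addr = rest.pop(0)
        if addr == "host":
            addr = rest.pop(0)
        elif addr != "any4":
            raise ValueError(f"unsupported address in: {line!r}")
        port = None
        if rest[:1] == ["eq"]:
            port = rest[1]
            del rest[:2]
        return addr, port
    src, sport = endpoint()
    dst, dport = endpoint()
    return Ace(tok[3], tok[4], src, sport, dst, dport)

def covers(a: Ace, b: Ace) -> bool:
    """True if every packet matching b also matches a (field-by-field superset)."""
    pairs = [(a.src, b.src, "any4"), (a.sport, b.sport, None),
             (a.dst, b.dst, "any4"), (a.dport, b.dport, None)]
    return a.proto == b.proto and all(x == wild or x == y for x, y, wild in pairs)

def audit(text: str) -> dict:
    """Map each 1-based entry to the first earlier entry covering it, or None (pairwise only)."""
    aces = [parse_ace(l) for l in text.splitlines() if l.strip()]
    return {i + 1: next((j + 1 for j in range(i) if covers(aces[j], aces[i])), None)
            for i in range(len(aces))}
```

Under these assumptions `audit(ACL)` reports entries 2 and 4 as covered by entry 1, while entries 3 and 5 are not, because they match on source port `rtsp` and entry 1 matches on destination port.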