Interview Question

Network Security Administrative I Interview San Antonio, TX

Walk me through the configuration of an ACL on a Cisco PIX

Answer


Figure out what needs to be allowed/denied

Log into the PIX/ASA
Enter global configuration mode (config t)
Access-List (Name) (Permit/Deny) Protocol 'Source Address' 'Source Netmask' 'Port(optional)' 'Destination Address' 'Destination Netmask' 'Port(optional)'

When defining the port you can use modifiers such as EQ, LT, GT

When allowing all IPs/networks you can use any in place of 0.0.0.0 0.0.0.0

You can use host instead of source/destination address 255.255.255.255

It would look like host source/destination address

Patrick on Mar 23, 2011
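
The steps in the answer above, as an added configuration example that is not part of the original answer. The ACL name `OUTSIDE_IN`, the interface name `outside` and all addresses are constructed assumptions; the `access-group` and `show access-list` lines go one step beyond the answer to show binding the ACL to an interface and checking it.

```cisco
! Constructed example: ACL name, interface name and addresses are assumptions
! (addresses are from documentation ranges).
configure terminal
!
! "any" replaces 0.0.0.0 0.0.0.0; "host" replaces <address> 255.255.255.255.
! Allow HTTPS from anywhere to a single web server.
access-list OUTSIDE_IN permit tcp any host 203.0.113.10 eq 443
!
! Allow SSH only from one management subnet.
! PIX/ASA ACLs take a netmask here, not an IOS-style wildcard mask.
access-list OUTSIDE_IN permit tcp 198.51.100.0 255.255.255.0 host 203.0.113.10 eq 22
!
! Every ACL ends with an implicit deny; an explicit one with "log"
! makes dropped traffic visible in syslog and in the hit counters.
access-list OUTSIDE_IN deny ip any any log
!
! The ACL has no effect until it is bound to an interface and direction.
access-group OUTSIDE_IN in interface outside
end
!
! Confirm the entries, their order and their hit counts.
show access-list OUTSIDE_IN
```

Entries are evaluated top to bottom and the first match wins, so the narrow permits must sit above the final deny.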
