[c-nsp] many interfaces in router, how to easy use the access-list rules
Pelle
perc69 at gmail.com
Fri Feb 6 03:19:57 EST 2009
Hi.
> What is the easy way to put access-list for permit and deny to access http
> in the router?
If you want an *easy* way, you can protect the http process with a ACL:
ip http access-class <acl>
See: http://www.cisco.com/en/US/docs/ios/netmgmt/command/reference/nm_08.html#wp1020105
This not as "safe" as protecting all ingress interfaces, but it works.
An ingress ACL is better because unwanted packets are dropped using
less resources, especially on a hardware platform.
--
Pelle
More information about the cisco-nsp
mailing list