[c-nsp] ACL / IPS priority
Oliver Boehmer (oboehmer)
oboehmer at cisco.com
Fri Apr 18 12:32:27 EDT 2008
julien leroiso <> wrote on Friday, April 18, 2008 6:18 PM:
> Hello,
>
> If I have ALC and IPS activate on the same interface.
> Which one will be run first ?
>
> It could look something like :
> interface FastEthernet0/1
> description FE0/1-WAN
> ip address xx.xx.xx.xx 255.255.255.240
> ip access-group 101 in
> ip ips ips-wan in
IPS before ACL, as shown in
http://www.cisco.com/en/US/prod/collateral/iosswrel/ps6537/ps6586/ps6634
/prod_white_paper0900aecd80327257.html (Paragraph "Packets Flowing from
Inside the Network to Outside the Network")
oli
More information about the cisco-nsp
mailing list