[c-nsp] Simple ACL not working 7600
Roland Dobbins
rdobbins at arbor.net
Tue Aug 5 00:35:41 EDT 2014
On Aug 5, 2014, at 11:01 AM, Frank Bulk (iname.com) <frnkblk at iname.com> wrote:
> We don't have a captive portal, and even if we did, I wouldn't block over 10% of our customers!
Well, one oughtn't to *block* them, but to force them into the portal often enough to get them to call into the help-desk. And not all at once, of course - do it for some proportion at a time.
> And even more so if there's no reasonable mitigation other than buying a new SOHO router.
It is what it is; enough of these, and enough ports blocked via ACLs, and the subscribers won't have any ports left to communicate through, heh.
The risk is that you'll end up with subscribers having weird issues which lead to dissatisfaction, more help-desk calls, and customer churn.
----------------------------------------------------------------------
Roland Dobbins <rdobbins at arbor.net> // <http://www.arbornetworks.com>
Equo ne credite, Teucri.
-- Laocoön
More information about the cisco-nsp
mailing list