[c-nsp] cisco ACL filter outbound only
Tim Densmore
tdensmore at tarpit.cybermesa.com
Tue Sep 15 12:41:32 EDT 2020
Hi Mike,

Not a Cisco solution, but you might look into a
pfsense/opnsense/ipfire/whatever appliance - either physical or
virtual. Even a UBNT edgerouter can do basic stateful stuff if you have
one lying around.

All of these are inexpensive and (probably?) do what you need done. The
first few you can install into a VM to play with by downloading an ISO.
The edgerouter you'd have to fake with vyos/vyatta.

Tim

On 9/14/20 7:17 PM, Mike wrote:
> Hello,
>
>
> I have some gear that needs a public IP, but does not have the best
> security profile, and I want to put up an ACL that only permits this
> gear to make outbound connections while dropping all inbound. My router
> is an ASR920 running IOS-XE 03.17.03.S. Does anyone have a simple
> copy/paste ACL for this type of job?
>
>
> Thank you.