[f-nsp] ACL's on VE Int's (SI XL)

Michael Bellears MBellears at staff.datafx.com.au
Wed Dec 8 19:29:42 EST 2004


Is it possible to apply an ACL to a VE Int? (I don't think it is...)

SW: Version 07.4.01T12

(config)#in ve 2

(config-vif-2)#   
  clear                  Reset functions/remove keys
  end                    End config-level commands
  exit                   Exit current level commands
  ip                     IP interface
  link                    associate this virtual interface with an ISP
link
  no                     Undo commands
  quit                   Exit to user level
  rshow                  Remote show system information
  show                   Show system information
  write                  Write running configuration to memory or
terminal
  <cr>

Would I have to apply the acl to the eth int? Or is it not recommended
to use the SI as a "simple" firewall?
(I wanted to only allow arbitrary connections to ports 21,80+443 to the
real servers - And do not have a spare FW atm!)

TIA.

Regards,
MB



More information about the foundry-nsp mailing list