Re: ACL that was in new router

From: lab@coloradokenpo.com
Date: Thu Jun 24 2004 - 16:15:18 GMT-3

• Next message: Joseph D. Phillips: "Change of e-mail address"
• Previous message: Bob Sinclair: "Re: Multicast TTL Scoping"
• Maybe in reply to: Zachary Hinz: "ACL that was in new router"
• Next in thread: Xiangrong Wang: "Re: ACL that was in new router"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

If it is an IOS feature, then it may not show up under the configuration.
The section titled "login quiet-mode access-class" on the link specifies
exactly the parameters in the ACL. I would assume you can apply it, but
doesn't show up in the configuration because it is a default feature.
Default commands don't show in the config (i.e. ip domain-lookup is
default, therefore it doesn't show up. A no ip domain-lookup however, is
not the default, therefore it does show up in the config).

Sean

> Thanks for the link. I still don't see why they would have an ACL
> preconfigured in the router and it doesn't display in the config.
>
> Zac
>
>
> ----Original Message Follows----
> From: Richard Gallagher <rgallagh@cisco.com>
> To: Zachary Hinz <z_hinz@hotmail.com>
> CC: ccielab@groupstudy.com
> Subject: Re: ACL that was in new router
> Date: 24 Jun 2004 17:15:27 +0200
>
> It's related to this new feature in 12.3:
>
> http://www.cisco.com/en/US/products/sw/iosswrel/ps5207/products_feature_guide09186a00801d1cb3.html
>
> Rich
>
> On Thu, 2004-06-24 at 17:00, Zachary Hinz wrote:
> > Hello,
> >
> > I just received and installed a brand new (not refurbished) router and
> it
> > has an ACL on it that isn't applied and doesn't show up in the config.
> It
> > can only be seen by issuing the command "show ip access-lists." The
> router
> > is a 2621XM with the VPN AIM in it. It is running
> > c2600-advipservicesk9-mz.123-4.T4.bin. The name of the ACL that
> displays
> is
> > "sl_def_acl." I've googled it and get no info on this ACL. It don't
> see
> > that it is applied anywhere and it hasn't taken any hits. Here is the
> ACL.
> >
> > Extended IP access list sl_def_acl
> > 10 deny tcp any any eq telnet log
> > 20 deny tcp any any eq www log
> > 30 deny tcp any any eq 22 log
> > 40 permit ip any any log
> >
> > Anyone have any info on this.
> >
> > Zac Hinz
> > CCIE 12,419
> >
> > _________________________________________________________________
> > FREE pop-up blocking with the new MSN Toolbar  get it now!
> > http://toolbar.msn.click-url.com/go/onm00200415ave/direct/01/
> >
> > _______________________________________________________________________
> > Please help support GroupStudy by purchasing your study materials from:
> > http://shop.groupstudy.com
> >
> > Subscription information may be found at:
> > http://www.groupstudy.com/list/CCIELab.html
>
> _________________________________________________________________
> MSN 9 Dial-up Internet Access fights spam and pop-ups  now 3 months FREE!
> http://join.msn.click-url.com/go/onm00200361ave/direct/01/
>
> _______________________________________________________________________
> Please help support GroupStudy by purchasing your study materials from:
> http://shop.groupstudy.com
>
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html

• Next message: Joseph D. Phillips: "Change of e-mail address"
• Previous message: Bob Sinclair: "Re: Multicast TTL Scoping"
• Maybe in reply to: Zachary Hinz: "ACL that was in new router"
• Next in thread: Xiangrong Wang: "Re: ACL that was in new router"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Sat Jul 03 2004 - 19:40:49 GMT-3