Good morning!
If an ACL is applied to an interface without an IP address will it have any
effect? Config example as follows.
interface Ethernet0/1
speed 1000
duplex full
nameif DMZ-TRUNK
security-level 0
no ip address
!
interface Ethernet0/1.1
vlan 1
nameif DMZ1
security-level 50
ip address 10.1.1.1 255.255.255.0 standby 10.1.1.2
!
interface Ethernet0/1.2
vlan 2
nameif DMZ2
security-level 50
ip address 10.2.1.1 255.255.255.0 standby 10.2.1.2
!
interface Ethernet0/1.3
vlan 3
nameif DMZ3
security-level 50
ip address 10.3.1.1 255.255.255.0 standby 10.3.1.2
!
!
access-group outside_access_in in interface outside
access-group outside_access_in in interface DMZ-TRUNK
access-group DMZ-1-access_in in interface DMZ1
access-group DMZ-2_access_in in interface DMZ2
access-group DMZ-3_in in interface DMZ3
I stumbled upon this configuration yesterday when planning for an upgrade. Any
ideas on if this ACL applied to the DMZ-TRUNK interface is doing anything?
Any insight would be appreciated!
Thanks!
Aaron Tekippe
_______________________________________________
For more information regarding industry leading CCIE Lab training, please visit
www.ipexpert.com
Are you a CCNP or CCIE and looking for a job? Check out
www.PlatinumPlacement.com
