Hello all,

After re-reading the FM (prompted by a couple of folks who forwarded snips
of their docs, which didn't quite jibe with what I remember reading in my
manuals), I discovered that my problem is with the older Cisco IOS that is
in use (v9.14.4). My docs state:

"After receiving and routing a packet to a controlled interface, the router
checks the source address of the packet against the access list." ...
"Access lists are applied on outbound interfaces to outbound traffic."

So, therein lies my problem, which, with this version of the IOS, is
apparently not a problem but a feature. :) Further, the 'any' keyword is
unknown to this version, and port specifications are applicable to the
destination address only.

Thanks to everyone who offered help and advice - your time and effort are
appreciated.

In closing, we _do_ have plans to upgrade the IOS to v12.0.9. We're trying
to decide whether to go with the $300 simple IOS upgrade, or the $3300
IOS/FW + IPSEC upgrade. If anyone has any comments on this (specifically
the value, capability, etc. of the latter option), I'd love to hear from you.

Cheers!
Jon
-----------------------------------------------------------------
Jon Earle (613) 612-0946 (Cell)
HUB Computer Consulting Inc. (613) 830-1499 (Office)
http://www.hubcc.ca 1-888-353-7272 (Within Canada/US)
"God does not subtract from one's allotted time on Earth,
those hours spent flying." --Unknown