The easiest way to take a policy and is to change the status to inactive to accomplish a disable state. The policy will still be install but will not match or deny.
e.g
access-list EXTERNAL-in extended permit udp host 1.1.1.1 object RAD01 eq 1812
and now;
access-list EXTERNAL-in extended permit udp host 1.1.1.1.1 object RAD01 eq 1812 inactive
This is the easiest method for ensuring the firewall policy will not be enabled.
Ken Felix
NSE ( Network Security Expert) and Route/Switching Engineer.
kfelix -----a----t---- socpuppets ---dot---com
^ ^
=( * * )=
o
/ \
No comments:
Post a Comment