dissolved
asked on
Advertising OSPF and security
was looking through a network I inherited and saw the below:
Is the deny-ospf-out acl doing anything? I don't see it being applied to any interface or referenced anywhere else.
Is it safe to assume that we are advertising OSPF out to everyone?
Is the deny-ospf-out acl doing anything? I don't see it being applied to any interface or referenced anywhere else.
Is it safe to assume that we are advertising OSPF out to everyone?
access-list deny-ospf-out standard permit 172.16.0.0 255.255.0.0
access-list deny-ospf-out standard permit 10.80.8.0 255.255.255.0
access-list deny-ospf-out standard permit 192.168.100.0 255.255.255.0
access-list permit-ospf-out standard permit any
access-list private-inbound extended deny ip any 10.10.10.0 255.255.255.0
access-list private-inbound extended permit ip 172.16.0.0 255.255.0.0 any
access-group private-inbound in interface inside
access-group outside-to-inside in interface outside
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Depending on your configuration, it's possible. There's certainly nothing about the ACL that would explicitly deny it.
ASKER