We have a remote site with a T1 to the internet.
They have an 1841 router with an ASA behind it.
I noticed the router itself has no ACLs on it to protect it from the outside world. But the ASA is properly configured. I understand that your firewalls should be doing the packet filtering, but is this best practices? We do have several tunnels terminating in the ASA