3.2.2 Set inbound 'ip access-group' on the External Interface

Information

This command places the router in access-list configuration mode, where you must define the denied or permitted access conditions by using the deny and permit commands.

Solution

Apply the access-group for the external (untrusted) interface
hostname(config)#interface {external_interface}
hostname(config-if)#ip access-group {name | number} in

See Also

https://workbench.cisecurity.org/files/508

Item Details

Category: SYSTEM AND COMMUNICATIONS PROTECTION

References: 800-53|SC-7(11)

Plugin: Cisco

Control ID: 4b5adb95cfaf4829a66612fe76f230c06ec4bd646ab8a486ef6fd0da0d316316