Access-list question
 




IT Certification FAQ
 
|
Home
 |
Microsoft
 |
CISCO
 |
CompTIA
 |
Exam/Study FAQ
 |
Employment FAQ
 | Links  | Forums  |
Book Reviews


FAQFAQ  SearchSearch  MemberlistMemberlist  UsergroupsUsergroups  RegisterRegister  ProfileProfile  Log in to check your private messagesPrivate messages  Log inLog in

Access-list question

 
Post new topic   Reply to topic    Forum Index -> CISCO
Author Message
charleskoh



Joined: 20 Apr 2005
Posts: 2
PostPosted: Wed Apr 20, 2005 4:15 am    Post subject: Access-list question Reply with quote
Hi,

I have a router which the e0 is connected to network A and the S0 is connected to network B.I wanted to limit access from network B to A.

question: The access list is to be placed on e0(out) or s0(in) and why ?

Secenrio :
I have placed the access-list on s0(out) previously and it blocked some of the ports trying to access from network B(I have done a show log and show accesss-list to come to this statement)which are supposed to be allowed. I am curious as the access list is placed on the s0(out) not (in) and it should not have any effect on the incoming packets.

Any advice or comments will be greatly appreicated.
Back to top
biofear1



Joined: 02 May 2005
Posts: 1
PostPosted: Mon May 02, 2005 5:52 pm    Post subject: Re: Access-list question Reply with quote
There is a way to remember where access lists are to be placed. I learned this from a friend who used to be a Cisco instructor. SS represnts nazism so you never want that. SS (Standard ACL should never be closest to the Source). Therefore Extened ACL's should be closest to the source and Standard ACL's should be closest to the destination.
Back to top
Display posts from previous:   
Post new topic   Reply to topic    Forum Index -> CISCO All times are GMT
Page 1 of 1

 

Copyright © 2002-2006 Web-S-Sense Pty. Ltd. All rights reserved.

Powered by phpBB
Advertising | Policies/Disclaimers | Contact us | Link to us

Featured Sites: Free Antivirus and Antispyware Info | Free PC Support | MCSE Directory