Hi,
ACL is created to match conditions
Ex with standard ACL: access-list 1 permit 10.0.0.0 0.255.255.255
There is implicit deny at the end
So when IP 10.1.1.1.1 comes => ACL matches for this IP
When IP 9.1.1.1 comes => ACL don't match for this IP
Suppose you add explicitely the implicit deny as an ACE n°2 access-list deny any
Q1) does the IOS add always the implicit deny even in this case ?
Q2) in this case, 9.1.1.1 match ACE n°2 (before implicit deny if exists) So, may we consider that ACL matches for this IP ?
Sorry, if it is a weird question but i had to be very clear with these concepts
Regards