10-06-2003 07:11 AM - edited 03-02-2019 10:48 AM
hi
I need some clarification in applying acls in interfaces.
after creating an ACL with a sample number 101 if u r applying the same in 2 interfaces (Ser1,eth0) how the traffic will be matched?
1.will it be matched based on inbound(traffic from u r trusted inside network)/outbound(traffic from untrusted outside network)
or
2.Based on In/Out traffic on ur interface(eg. like wht ever traffic generated from a pc(local lan)/also replies coming from outside network for the requests made by the pc will be IN traffic to eth0/ser 1 and traffic going out of ser1/eth0 treated as outgoing.
plz clarify these 2 simple points which is really haunting me..
prem
Solved! Go to Solution.
10-06-2003 07:22 AM
If you have an ACL applied inbound to an interface:
int s0
ip access-group 101 in
the traffic that will be filtered will be traffic that is inbound to that interface. Inbound meaning coming into the interface from the WAN media.
If you have an ACL outbout on an interface:
int s0
ip access-group 101 out
The traffic that will be filtered will be traffic that is outbound of the interface onto the WAN media.
This includes packets sourced by the router and packets from other interfaces that have been processed by the router are are queued on the outbound interface s0
-HTH
10-06-2003 07:22 AM
If you have an ACL applied inbound to an interface:
int s0
ip access-group 101 in
the traffic that will be filtered will be traffic that is inbound to that interface. Inbound meaning coming into the interface from the WAN media.
If you have an ACL outbout on an interface:
int s0
ip access-group 101 out
The traffic that will be filtered will be traffic that is outbound of the interface onto the WAN media.
This includes packets sourced by the router and packets from other interfaces that have been processed by the router are are queued on the outbound interface s0
-HTH
10-06-2003 07:36 AM
jamey thks for the info
prem
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide