Solved: Re: In/out behavier of ACL's

rteglgaa · ‎07-11-2003

Hi,

When configuring something like "ip access-group ACL in" does the "in" mean in-going traffic, or inner side of the port/vlan on which the access-group is added?

Rgds,

Rasmus

steve · ‎07-11-2003

Hope this helps:

When applying an accesslist 'out' tell the router to compare outgoing packets and not inbound packets and 'in' the other way round of course.

Out to a router means packets leaving its interface and in means packets arriving at the interface.

cheers

Steve

View solution in original post

steve · ‎07-11-2003

Hope this helps:

When applying an accesslist 'out' tell the router to compare outgoing packets and not inbound packets and 'in' the other way round of course.

Out to a router means packets leaving its interface and in means packets arriving at the interface.

cheers

Steve

rteglgaa · ‎07-11-2003

Thanks for your answer. Just what I needed.

You might wonder why I'm asking such a question. The thing is that I'm not actually configuring a Cisco device. I configuring a HP ProCurve routing switch which a kind of a Cisco-wannabe. Same CLI, same command, ACLs etc.

The thing is that in HP's terms IN stands for innner side, and OUT stands for outer side. This did confuse me, since I rememered (as you just told me) that in Cisco terminology the in stands for ingoing.

This coursed my ACLs to stop working, and when I found the cause, I suddenly couldn't remember, what Cisco's way to do it was.

Anyway - thanks.

Rasmus

steve · ‎07-16-2003

No problem...actually I'll make a mental note of how the HP does it!

cheers

Steve