Solved: ACL on interface connected to ISP - Cisco Community

1161

Views

5

Helpful

4

Replies

We currently have a configuration is which and ACL in is configured under the connection to our ISP

interface GigabitEthernet0/0/1
description ISP
ip address xxx.xxx.xxxx
ip access-group 100 in

under ACL 100 we have rules applying to snmp.some permits..and implicit denies

We have another gig interface configured w/ a Public Address for our NAT'd IP.s

g0/0/2

We are going to poll snmp on that interfaces configured IP. (public)

My question is...Will the ACL on G0/0/1 impact all SNMP traffic going through g0/0/1?

Or becuase it is destined for an interface with no ACL...will SNMP be free to go through g0/0/1 to g0/0/2?

1 Accepted Solution

Accepted Solutions

Yes it will unless you allow it in the acl.

Jon

View solution in original post

4 Replies 4

It is not entirely clear what you mean.

If traffic has to go through an interface with an acl to get to another interface on the same device then the acl will be applied.

Is that what you are asking ?

Jon

Hi Jon

Host 10.1.1.1 is located in San Diego and must go across the internet to pull snmp

from g0/1 which has the IP address of 192.168.2.2-no ACL on either of these interfaces

However, in order to get to the 192 address/interface...traffic must transverse g0/0

which has an ACL in of deny snmp ...that ip address is 172.10.1.1

for the sake of argument theses IP's are all public.

both 192.168.2.2. and 172.20.1.1 are located on the same router

my question is...since traffic must transverse g0/0 which has an ACL in applied to it.

Will this prevent snmp request traffic from reaching g0/1

Yes it will unless you allow it in the acl.

Jon

thanks again Jon

Learn, share, save

Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.

New here? Get started with these tips. How to use Community New member guide

Log in to Community