- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-13-2018 03:08 AM - edited 09-13-2018 03:10 AM
Solved! Go to Solution.
- Labels:
-
Routing Protocols
-
WAN
Accepted Solutions
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-13-2018 03:26 AM
Don't know why you cannot apply an acl outbound but you can apply the acl inbound on your LAN interface.
Don't forget "permit ip any any" in your acl for all the other traffic.
Jon
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-13-2018 04:04 AM - edited 09-13-2018 04:19 AM
Thanks.
But isn't "permit ip any any" implicitly added on all lists.
I was expecting implicit permit for all other traffic.
Then, if you need to customise you could use:
"no permit any any" on the ACLs.
Also, I understand that ACLs rules are better written for INBOUND traffic because the rules are applied before reaching the router/core network. Thereby preventing unnecessary congestion.
Tell me, I’ll forget; Show me, I’ll remember; Involve me, I’ll understand
~ Chinese Proverb
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-13-2018 03:26 AM
Don't know why you cannot apply an acl outbound but you can apply the acl inbound on your LAN interface.
Don't forget "permit ip any any" in your acl for all the other traffic.
Jon
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-13-2018 04:04 AM - edited 09-13-2018 04:19 AM
Thanks.
But isn't "permit ip any any" implicitly added on all lists.
I was expecting implicit permit for all other traffic.
Then, if you need to customise you could use:
"no permit any any" on the ACLs.
Also, I understand that ACLs rules are better written for INBOUND traffic because the rules are applied before reaching the router/core network. Thereby preventing unnecessary congestion.
Tell me, I’ll forget; Show me, I’ll remember; Involve me, I’ll understand
~ Chinese Proverb
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
09-13-2018 05:08 AM
No, it's the opposite. There's an implicit deny all at the end of any ACL.
