02-11-2007 11:37 PM - edited 03-03-2019 03:42 PM
Hello
i have to apply an acl to secure my inside network with the traffic comming from outside.So on what interface and in what direction i can use acl?
Another thing is that a host is nat with inside interface if i apply acl on this interface what will be the acl direction and on what interface.
Your quick response will be highly apreciated thanx
02-11-2007 11:47 PM
Hi
If you want to secure your inside network from traffic coming from outside then you want to apply your acl on the interface that connects to the outside and you want to apply it in the inbound direction.
Coudl you explain the NAT setup a bit more clearly ?
HTH
Jon
02-12-2007 02:09 AM
actually we r using PAT means we have one public ip and we use the syntax
"nat inside 1 192.168.10.1 255.255.255.255"
so my question is can i apply an acl using host 192.168.10.1 as my destination address
02-12-2007 02:23 AM
Hi
If you are applying your acl on the outside interface in an inbound direction to restrict traffic from the outside you need to use the Natted address. But this won't work if you are using PAT.
If a packet comes from the outside with the destination address of your public ip and you hide all your private addresses behind this one public address your router won't know which private host to send the traffic to.
Does this make sense ?
Jon
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide