Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1648
Views
5
Helpful
1
Replies

subinterface access list

Go to solution
suthomas1
Level 6
Level 6

‎03-11-2020 05:29 AM

Hello All,

I have a 2800 series router which has subinterfaces defined. One of the subinterface fa0/1.81 has a
layer 2 vlan defined on the connected switch & has users who are only allowed restricted access to systems.
If i want to put an access list for these users using vlan interface 81, should the access list be applied
in or out on fa0/1.81 of the router.

 

interface fa0/1.81
ip address 192.168.100.1 255.255.255.0

 

ip extended access list vl81-inbound
10 permit udp 192.168.100.0 0.0.0.255 host 10.58.0.1 eq 53
20 permit tcp 192.168.100.0 0.0.0.255 host 10.58.0.1 eq 443
30 permit icmp 192.168.100.0 0.0.0.255 any
40 deny ip any 192.168.100.0 0.0.0.255
50 deny ip any any

 

should this above acl be applied as inbound or outbound on fa0/1.81 to make sense.

 

Thanks in advance.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Seb Rupik
VIP Alumni
VIP Alumni

‎03-11-2020 05:37 AM

Hi there,

That ACL would be applied inbound as the source subnet will match the connected subnet on fa0/1.81 .

 

cheers,

Seb.

View solution in original post

1 Reply 1

Go to solution
Seb Rupik
VIP Alumni
VIP Alumni

‎03-11-2020 05:37 AM

Hi there,

That ACL would be applied inbound as the source subnet will match the connected subnet on fa0/1.81 .

 

cheers,

Seb.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card