03-11-2020 05:29 AM
Hello All,
I have a 2800 series router which has subinterfaces defined. One of the subinterface fa0/1.81 has a
layer 2 vlan defined on the connected switch & has users who are only allowed restricted access to systems.
If i want to put an access list for these users using vlan interface 81, should the access list be applied
in or out on fa0/1.81 of the router.
interface fa0/1.81
ip address 192.168.100.1 255.255.255.0
ip extended access list vl81-inbound
10 permit udp 192.168.100.0 0.0.0.255 host 10.58.0.1 eq 53
20 permit tcp 192.168.100.0 0.0.0.255 host 10.58.0.1 eq 443
30 permit icmp 192.168.100.0 0.0.0.255 any
40 deny ip any 192.168.100.0 0.0.0.255
50 deny ip any any
should this above acl be applied as inbound or outbound on fa0/1.81 to make sense.
Thanks in advance.
Solved! Go to Solution.
03-11-2020 05:37 AM
Hi there,
That ACL would be applied inbound as the source subnet will match the connected subnet on fa0/1.81 .
cheers,
Seb.
03-11-2020 05:37 AM
Hi there,
That ACL would be applied inbound as the source subnet will match the connected subnet on fa0/1.81 .
cheers,
Seb.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: