cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
986
Views
0
Helpful
2
Replies

Where to place this extended ACL?

lochi_fernando
Beginner
Beginner

hi,


i need to create an extended access list to deny one host and allow other hosts to browse internet. All are connected at router's fa0/0 interface. where should be the proper place to apply the ACL? Fa0/0 inbound or as outbound to the proper Serial interface?

2 Replies 2

Jennifer Halim
Cisco Employee
Cisco Employee

Inbound to fa0/0 if all your internal networks are connected to fa0/0.

Pls make sure that you configure the deny statement first for the host that you would like to block, then "permit ip any any" statement after that.

Hope that helps.

hi,


i need to create an extended access list to deny one host and allow other hosts to browse internet. All are connected at router's fa0/0 interface. where should be the proper place to apply the ACL? Fa0/0 inbound or as outbound to the proper Serial interface?

As per the basics of ACL place the acl to close to the source and as suggedted place in direction in Fa0/0.

First statement should be deny one and second one should be permit ip any one.

Hope to Help !!

Ganesh.H

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Recognize Your Peers