05-15-2010 06:16 AM - edited 03-04-2019 08:29 AM
hi,
i need to create an extended access list to deny one host and allow other hosts to browse internet. All are connected at router's fa0/0 interface. where should be the proper place to apply the ACL? Fa0/0 inbound or as outbound to the proper Serial interface?
05-15-2010 06:21 AM
Inbound to fa0/0 if all your internal networks are connected to fa0/0.
Pls make sure that you configure the deny statement first for the host that you would like to block, then "permit ip any any" statement after that.
Hope that helps.
05-15-2010 07:43 AM
hi,
i need to create an extended access list to deny one host and allow other hosts to browse internet. All are connected at router's fa0/0 interface. where should be the proper place to apply the ACL? Fa0/0 inbound or as outbound to the proper Serial interface?
As per the basics of ACL place the acl to close to the source and as suggedted place in direction in Fa0/0.
First statement should be deny one and second one should be permit ip any one.
Hope to Help !!
Ganesh.H
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide