Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
519
Views
9
Helpful
4
Replies

access lists

carl_townshend
Spotlight
Spotlight

‎01-16-2007 02:12 AM - edited ‎03-05-2019 01:47 PM

Hi all, for the ccna exam, if it asks me about applying access lists, where are they best applied, closest to source or dest ?

Labels:
0 Helpful
4 Replies 4

m.sir
Level 7
Level 7

‎01-16-2007 02:18 AM

- place extended access list close to the source

- place standard access list close to the destination

M.

carl_townshend
Spotlight
Spotlight
In response to m.sir

‎01-16-2007 02:28 AM

thanks for that, is there a reason for it ?

0 Helpful

imran_mo
Level 1
Level 1
In response to carl_townshend

‎01-16-2007 03:34 AM

Coz standard access lists can only filter based on source IP. If you place it close to source, all traffic will be blocked.Thats why you place it close to destination.

Extended access list can do fine filtering based on ports and protocols.So you place it close to source so you can filter the traffic before it takes up your precious bandwidth!!

Hope this helps.

adnan.zafar
Level 1
Level 1

‎01-26-2007 10:21 PM

Hi

the router you are working is source and destination 2 ( inbound and outbound)

So when you want to restrict you inbound traffic to outbound you implement access list in inbound

and when you want to restrict your outbound traffic to enter into your domain then you implement access list in your outbound interface......

Hope this may helps you

0 Helpful
Customers Also Viewed These Support Documents