nav[aria-label="Primary Navigation"] { padding: 0; & ul { list-style: none; width: 100%; display: flex; flex-direction: row; justify-content: start; align-items: start; gap: 30px; padding: 0; & li { margin: 0; } & ul li { list-style: none; } } }

Confused with Standard ip access list

gbdavidx

I created an access list using Todd's lammle's book for ICND1 but I am confused... it is access-list 10 permit 192.168.20.2, it had me place it on one of my routers going out on the other network. if anyone has his routing and switch book i am doing hands on lab 12.1

this access list is supposed to only allow packets from a single host on the SF LAN to enter the LA LAN however when i ping from SF PC to LA PC it fails, however i can ping from my SF router to the gateway of the switch on LA

Find more posts tagged with

SAVE $250 on Your CISCO Boot Camp — Use Code "EXAM26"

Exclusively for TechExams members for Infosec Boot Camps starting before April 30, 2026

View CISCO Boot Camps

Comments

atorven

The router generated traffic isn't subject to a local acl, in other words only traffic that is transiting the router will be affected by acls.

spacenoxx

Add another ACL that includes Routers inside interface and try extended ping and and see if that works.

mikeybinec

Lammle has lots of mistakes in his book(s) and there are several in this lab. If you look at the first line on page 531, it sez to allow only one host from the SF lan to enter the LA LAN. .Well the SF Lan is in the 192.168.10.0 network not the x.x.20.0 network..

Regards

esr0159

when you are applying standard or extended ACLs

standard ACLs are placed nearest to the destination
extended ACLs are placed nearest to the source

try to remember those two things

Fulcrum45

esr0159 wrote: »

when you are applying standard or extended ACLs

standard ACLs are placed nearest to the destination
extended ACLs are placed nearest to the source

try to remember those two things

This is what blew my mind for about 2 minutes when I was told to input "Outbound" when I would have sworn it was supposed to be "Inbound" on the receiving router.