Confused with Standard ip access list

gbdavidx · December 2014

I created an access list using Todd's lammle's book for ICND1 but I am confused... it is access-list 10 permit 192.168.20.2, it had me place it on one of my routers going out on the other network. if anyone has his routing and switch book i am doing hands on lab 12.1

this access list is supposed to only allow packets from a single host on the SF LAN to enter the LA LAN however when i ping from SF PC to LA PC it fails, however i can ping from my SF router to the gateway of the switch on LA

atorven · December 2014

The router generated traffic isn't subject to a local acl, in other words only traffic that is transiting the router will be affected by acls.

spacenoxx · December 2014

Add another ACL that includes Routers inside interface and try extended ping and and see if that works.

mikeybinec · December 2014

Lammle has lots of mistakes in his book(s) and there are several in this lab. If you look at the first line on page 531, it sez to allow only one host from the SF lan to enter the LA LAN. .Well the SF Lan is in the 192.168.10.0 network not the x.x.20.0 network..

Regards

esr0159 · December 2014

when you are applying standard or extended ACLs

standard ACLs are placed nearest to the destination
extended ACLs are placed nearest to the source

try to remember those two things

Fulcrum45 · December 2014

esr0159 wrote: »

when you are applying standard or extended ACLs

standard ACLs are placed nearest to the destination
extended ACLs are placed nearest to the source

try to remember those two things

This is what blew my mind for about 2 minutes when I was told to input "Outbound" when I would have sworn it was supposed to be "Inbound" on the receiving router.

Confused with Standard ip access list

Comments