Confused on ACLs

Hey guys,

I've got a mental block when it comes to ACLs. Just a few questions;

diagram--

{internet}

s0(router1)fa0/0----fa0/0[switch1]e0

!pc1!

Say I want to block PC1 from reaching the internet. Do I put an IN access list on the fa0/0 port, or do I put an OUT access list on the s0 port?

Or do I put an OUT access list on fa0/0?

This is my worst subject by far, I don't feel like any of my materials have explained ACLs well at all

Find more posts tagged with

Free for TechExams community: Cybersecurity salary guide

Compare cert salaries and plan your next career move

Button

Comments

shednik

I would place the ACL on S0/0 and on traffic going out...

dtlokee

Why not put it inbound on the router' Fa0/0 port, that way you drop it before it gets routed.

Kcolon1

If it's a standard ACL - it's best to put it on the devide closest to the destination. - I just read that 10 minutes ago on the Sybex 640-802 book lol.

larkspur

for directional puposes i usually look at it as if I was in the router and then use the appropraite acl.

my 2 cents

r_durant

Agreed...

dtlokee wrote:

Why not put it inbound on the router' Fa0/0 port, that way you drop it before it gets routed.

It probably wont be a standard if it's blocking www (specific) traffic...

Kcolon1 wrote:

If it's a standard ACL - it's best to put it on the devide closest to the destination. - I just read that 10 minutes ago on the Sybex 640-802 book lol.