Cisco's Documentation wrote:
Applying Access Lists to Interfaces
For some protocols, you can apply up to two access lists to an interface: one inbound access list and one outbound access list. With other protocols, you apply only one access list which checks both inbound and outbound packets.
If the access list is inbound, when the router receives a packet, the Cisco IOS software checks the access list's criteria statements for a match. If the packet is permitted, the software continues to process the packet. If the packet is denied, the software discards the packet.
If the access list is outbound, after receiving and routing a packet to the outbound interface, the software checks the access list's criteria statements for a match. If the packet is permitted, the software transmits the packet. If the packet is denied, the software discards the packet.
rakem wrote: Hi guys, I'm setting a couple of access lists at work and I'm just a bit rusty on the actual placement of the ACLs. I seem to remember a statement from some textbook saying something like "one ACL per interface per protocol per direction" or something. So is it wrong to put an inbound and outbound access list on one interface?
tech-airman wrote:
rakem wrote: Hi guys, I'm setting a couple of access lists at work and I'm just a bit rusty on the actual placement of the ACLs. I seem to remember a statement from some textbook saying something like "one ACL per interface per protocol per direction" or something. So is it wrong to put an inbound and outbound access list on one interface?
rakem,
Sometimes, the answer is staring you right in the face. As you mentioned "one ACL per interface per protocol per direction." So an inbound ACL is DIFFERENT from an outbound ACL. That means you can apply one ACL in the inbound direction and apply a separate ACL in the outbound direction on the same interface. I hope this helps.
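The rule discussed in this thread, as an added example that is not from any poster or from Cisco's documentation: a short Python check that groups ACL bindings in a set of interface commands by interface, protocol and direction, and reports any slot that is bound more than once. The sample configuration, interface names and ACL identifiers are constructed, and the check assumes IOS keeps only the last ACL bound to a given slot.

```python
import re
from collections import defaultdict

# Constructed sample of commands to be pasted into a router (not from the thread).
SAMPLE_CONFIG = """\
interface GigabitEthernet0/0
 ip access-group 101 in
 ip access-group 102 out
 ipv6 traffic-filter V6-IN in
interface GigabitEthernet0/1
 ip access-group 110 in
 ip access-group 120 in
"""

# "ip access-group" binds an IPv4 ACL; "ipv6 traffic-filter" binds an IPv6 ACL.
BIND_RE = re.compile(r"^\s+(ip access-group|ipv6 traffic-filter)\s+(\S+)\s+(in|out)\s*$")
PROTOCOL = {"ip access-group": "ipv4", "ipv6 traffic-filter": "ipv6"}


def acl_slots(config):
    """Map (interface, protocol, direction) -> ACL names bound there, in order."""
    slots = defaultdict(list)
    interface = None
    for line in config.splitlines():
        if line.startswith("interface "):
            interface = line.split(None, 1)[1].strip()
        elif interface and (m := BIND_RE.match(line)):
            slots[(interface, PROTOCOL[m.group(1)], m.group(3))].append(m.group(2))
        elif line and not line[0].isspace():
            interface = None  # an unindented line ends the interface block
    return dict(slots)


def conflicts(config):
    """Slots bound more than once; assumption: only the last ACL stays applied."""
    return {slot: acls for slot, acls in acl_slots(config).items() if len(acls) > 1}


if __name__ == "__main__":
    for slot, acls in sorted(acl_slots(SAMPLE_CONFIG).items()):
        note = "" if len(acls) == 1 else f"  <- replaces {acls[:-1]}"
        print(slot, acls[-1], note)
```

GigabitEthernet0/0 carries one inbound and one outbound IPv4 ACL plus an IPv6 ACL without conflict; GigabitEthernet0/1 is flagged because two IPv4 ACLs compete for the inbound slot.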