Standard Access Lists

TalicTalic Member Posts: 423
I was reading the Standard Access List example in Todd Lammle's book (page 622 and 623) and I'm a confused when he applied it to the interface. Isn't the access list supposed be on the incoming list for E1 (Finance group that is the ones that are being protected from the evil Sales and Marketing people icon_evil.gif ) rather then the outbound list? Or better yet, put in on both outbound and inbound lists :P .


  • msteinhilbermsteinhilber Member Posts: 1,480 ■■■■■■■■□□
    The ACL is applied to the outbound E1 interface (E1 connects Finance) which means packets destined for the Finance department (through the E1 interface) will be discarded because the packets reach the router from Sales and to reach Finance they have to go out E1 (hence outbound E1).
  • TalicTalic Member Posts: 423
    Ah alright, it's just another way of saying the closest interface to the network you want to control access to.

    A question about the numbering: when adding the number, does it matter which you pick? Is it just used for tracking what list your using? I know the number determines if it's standard or extended but he didn't really explain why the number he picked within that range of 1-99.
  • networker050184networker050184 Mod Posts: 11,962 Mod
    The number is for tracking purposes and also the number determines what type of ACL.
    R1(config)#access-list ?
    <1-99> IP standard access list
    <100-199> IP extended access list
    <1000-1099> IPX SAP access list
    <1100-1199> Extended 48-bit MAC address access list
    <1200-1299> IPX summary address access list
    <1300-1999> IP standard access list (expanded range)
    <200-299> Protocol type-code access list
    <2000-2699> IP extended access list (expanded range)
    <300-399> DECnet access list
    <600-699> Appletalk access list
    <700-799> 48-bit MAC address access list
    <800-899> IPX standard access list
    <900-999> IPX extended access list
    An expert is a man who has made all the mistakes which can be made.
Sign In or Register to comment.