Access Lists in out troubles

gouki2005 Member Posts: 197
I still don't understand the in or out for the access list. Look at the picture:

http://www.tic.ac.uk/opnet/StudentWebsite/images/Lab2.h39.jpg

Now look at the 205.7.5.0 net. OK, now I am going to apply the ACL there. So for me E1 is the outbound interface, because my traffic is getting out of my network, and the inbound interface is E0.

Am I right???

Comments

  • ilcram19-2 Banned Posts: 436
    Put it this way: in or out is only relative to the interface that the ACL is applied to. For example,
    when it is coming in to the interface, the source is the host generating the traffic from the LAN of the router's interface IP to a destination outside that interface.
    example
    permit ip host 10.1.1.2 host 9.9.9.9
    source destination

    Local LAN
    >in>10.1.1.1 (router)

    When it is coming out, it is going from a remote subnet to the subnet of the router's interface.
    example
    permit ip host 9.9.9.9 host 10.1.1.2
    source destination

    Local LAN<
    out<10.1.1.1
  • gouki2005 Member Posts: 197
    ilcram19-2 wrote: »
    Put it this way: in or out is only relative to the interface that the ACL is applied to. For example,
    when it is coming in to the interface, the source is the host generating the traffic from the LAN of the router's interface IP to a destination outside that interface.
    example
    permit ip host 10.1.1.2 host 9.9.9.9
    source destination

    Local LAN
    >in>10.1.1.1 (router)

    When it is coming out, it is going from a remote subnet to the subnet of the router's interface.
    example
    permit ip host 9.9.9.9 host 10.1.1.2
    source destination

    Local LAN<
    out<10.1.1.1
    mmm still don't get it..
  • ilcram19-2 Banned Posts: 436
    Where are you confused?
  • notgoing2fail Member Posts: 1,138
    Don't think too hard, it's all perspective from how the ACL is created. The way you want the ACL to function is how you apply the direction....
  • alan2308 Member Posts: 1,854
    Think in terms of the router interface, not the source or destination of the traffic. In your example, traffic originating from the 205.7.5.0 network comes into the router E1 interface. That traffic is inbound on E1, it is coming into the router there. But this applies only to that interface. That same traffic exits on interface E0, so that same traffic is outbound on E0. And it works the same way for traffic going the other way. Traffic with a destination on the 205.7.5.0 network is outbound on E1.

    You can have one access list per interface per direction per protocol.
  • chmorin Member Posts: 1,446
    Take the perspective of the interface you are applying.

    "HEY YOU PACKET! Okay you can come in."
    "HEY YOU PACKET! Nope, you're not on the list to come in."
    "Oh, you want out? Okay, you can get out."
    "Oh, you want out? Sorry, you're not on the list to go out."
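The interface-relative rule described in the replies above, modeled as an added Python example (not code from any poster in the thread): a packet is checked against the "in" ACL of the interface it enters and the "out" ACL of the interface it leaves, and the same ACL bound in the wrong direction ends up filtering the return traffic instead. The /24 mask, the 192.0.2.0/24 network behind E0, the host addresses and the ACL itself are constructed assumptions, since the thread's diagram is not available.

```python
import ipaddress

# Assumed topology: E1 faces 205.7.5.0 (as in the thread, /24 assumed);
# the network behind E0 is not given on the page, so 192.0.2.0/24 is a placeholder.
ROUTES = {"E1": ipaddress.ip_network("205.7.5.0/24"),
          "E0": ipaddress.ip_network("192.0.2.0/24")}

def iface_for(addr):
    """Return the interface whose attached network contains addr, else None."""
    ip = ipaddress.ip_address(addr)
    for name, net in ROUTES.items():
        if ip in net:
            return name
    return None

def acl_permits(acl, src, dst):
    """First matching entry wins; no match hits the implicit deny at the end."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for action, src_net, dst_net in acl:
        if s in ipaddress.ip_network(src_net) and d in ipaddress.ip_network(dst_net):
            return action == "permit"
    return False

def forward(bindings, src, dst):
    """bindings maps (interface, direction) -> ACL, one ACL per interface per direction.
    Returns (forwarded, checks), where checks lists each ACL evaluation performed."""
    checks = []
    # Inbound ACL on the ingress interface first, then outbound ACL on the egress one.
    for iface, direction in ((iface_for(src), "in"), (iface_for(dst), "out")):
        acl = bindings.get((iface, direction))
        if acl is None:
            continue  # no ACL applied at this point, packet is not filtered here
        ok = acl_permits(acl, src, dst)
        checks.append((iface, direction, ok))
        if not ok:
            return False, checks
    return True, checks

# Constructed ACL: permit only traffic sourced from 205.7.5.0/24.
ACL = [("permit", "205.7.5.0/24", "0.0.0.0/0")]
LAN_HOST, REMOTE_HOST = "205.7.5.10", "192.0.2.20"

if __name__ == "__main__":
    for direction in ("in", "out"):
        bindings = {("E1", direction): ACL}
        print(f"ACL applied on E1 {direction}:")
        for src, dst in ((LAN_HOST, REMOTE_HOST), (REMOTE_HOST, LAN_HOST)):
            print(f"  {src} -> {dst}: {forward(bindings, src, dst)}")
```

Bound as `in` on E1, the ACL evaluates traffic leaving the 205.7.5.0 network; bound as `out` on E1, it never sees that traffic and instead drops replies heading back to 205.7.5.0 through the implicit deny.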