access lists on loopback interfaces

mattau Member Posts: 218
Hi all, this has me completely stumped. I have been trying to get this access list to work all morning but it doesn't seem to be having any effect whatsoever. I have attached a pic to demonstrate what I am trying to achieve.

For simplicity's sake I used an extended IP access list to block anything going through.

Is there something else I have to do when trying to put an ACL on a loopback?

I tried putting the ACL on the incoming loopback interface itself, as it is an extended one, then also tried putting it on the outgoing serial interface, but still no luck!
_____________________________________
CCNP ROUTE - passed 20/3/12
CCNP SWITCH - passed 25/10/12
CCNP TSHOOT - passed 11/12/12




ACL.jpg 27.5K

Comments

  • mattau Member Posts: 218
    Hmm, I have been playing around with this and it looks like I may have been applying the ACL to the wrong router.

    I placed it on router 3 to stop incoming traffic on s0/0, and it seems to work.

    I thought extended lists were meant to be placed as close to the source as possible.
    _____________________________________
    CCNP ROUTE - passed 20/3/12
    CCNP SWITCH - passed 25/10/12
    CCNP TSHOOT - passed 11/12/12




  • Sett Member Posts: 187
    ACLs don't filter traffic which was sourced from the router.
    Non-native English speaker
  • greenerek Member Posts: 99
    mattau wrote: »
    Hi all, this has me completely stumped. I have been trying to get this access list to work all morning but it doesn't seem to be having any effect whatsoever. I have attached a pic to demonstrate what I am trying to achieve.

    For simplicity's sake I used an extended IP access list to block anything going through.

    Is there something else I have to do when trying to put an ACL on a loopback?

    I tried putting the ACL on the incoming loopback interface itself, as it is an extended one, then also tried putting it on the outgoing serial interface, but still no luck!

    Hi, when you do an access list you need to follow the rules:

    - when it is standard (1-99), you add the filter ACL as far toward the destination as possible
    - when it is extended (100-199), you add the ACL as close to the source as possible

    You add it on R4 interface s0/0 out, which is wrong because, remember, ACLs do not apply to traffic originated by the router.

    Please find a better explanation below:

    Configuring IP Access Lists - Cisco Systems

    and

    http://www.techexams.net/forums/ccna-ccent/12310-acl-confusion.html
    Per aspera ad astra-Seneka
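
The rule stated in the replies above (an interface ACL is not applied to packets the router itself originates), as an added example that is not part of the original thread. It is a small Python model, not IOS code; the addresses, the `lo0`/`f0/0` interface names and the LAN host behind R4 are constructed assumptions, since the attached diagram is not available.

```python
import ipaddress
from dataclasses import dataclass, field

@dataclass
class Acl:
    entries: list  # ordered (action, source_network); implicit deny at the end

    def permits(self, src):
        for action, net in self.entries:
            if ipaddress.ip_address(src) in ipaddress.ip_network(net):
                return action == "permit"
        return False

@dataclass
class Router:
    name: str
    acl_in: dict = field(default_factory=dict)   # interface name -> Acl
    acl_out: dict = field(default_factory=dict)

def deliver(src, hops):
    """hops: (router, ingress, egress); ingress None = packet originated here,
    egress None = packet is addressed to this router."""
    for router, ingress, egress in hops:
        acl = router.acl_in.get(ingress)
        if ingress is not None and acl and not acl.permits(src):
            return f"dropped by {router.name} {ingress} in"
        # Outbound ACLs are checked for transit packets only, never for
        # packets the router generated itself.
        acl = router.acl_out.get(egress)
        if ingress is not None and egress is not None and acl and not acl.permits(src):
            return f"dropped by {router.name} {egress} out"
    return "delivered"

# Constructed addresses and interface names (assumptions, not from the thread).
R4_LOOPBACK, LAN_HOST = "10.4.4.4", "192.168.40.10"
DENY_ALL = Acl([("deny", "0.0.0.0/0")])

def results(r4, r3):
    from_loopback = deliver(R4_LOOPBACK, [(r4, None, "s0/0"), (r3, "s0/0", None)])
    from_lan_host = deliver(LAN_HOST, [(r4, "f0/0", "s0/0"), (r3, "s0/0", None)])
    return from_loopback, from_lan_host

def acl_on_r4():  # ACL on R4: inbound on lo0 and outbound on s0/0
    r4 = Router("R4", acl_in={"lo0": DENY_ALL}, acl_out={"s0/0": DENY_ALL})
    return results(r4, Router("R3"))

def acl_on_r3():  # ACL on R3: inbound on s0/0
    return results(Router("R4"), Router("R3", acl_in={"s0/0": DENY_ALL}))

if __name__ == "__main__":
    print("ACL on R4:", acl_on_r4())
    print("ACL on R3:", acl_on_r3())
```

With the deny-all list on R4, traffic sourced from R4's loopback still reaches R3 while transit traffic from the LAN host is dropped; with the list inbound on R3's s0/0, both are dropped.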


  • 2URGSE Member Posts: 220
    There was an ACL Lab with a loopback. I understood how to configure it, but can someone please explain what is the real purpose of the loopback?
    A+
    Network+
    CCENT (formally CCNA certified)
    ICE (Imprivata Certified Engineer)
  • networker050184 Mod Posts: 11,962
    2URGSE wrote: »
    There was an ACL Lab with a loopback. I understood how to configure it, but can someone please explain what is the real purpose of the loopback?

    Loopbacks will be used for management and the main address of your router. The loopback will not go down as long as the router is up, so it's more stable for management and routing protocol usage than an interface IP address. Loopbacks usually do not change while interface IPs come and go with links changing.
    An expert is a man who has made all the mistakes which can be made.
  • 2URGSE Member Posts: 220
    Loopbacks will be used for management and the main address of your router. The loopback will not go down as long as the router is up, so it's more stable for management and routing protocol usage than an interface IP address. Loopbacks usually do not change while interface IPs come and go with links changing.


    Thank you.
    A+
    Network+
    CCENT (formally CCNA certified)
    ICE (Imprivata Certified Engineer)
  • mytapy Registered Users Posts: 3
    Hi,

    It seems you have configured the access list on the wrong interface... OK, let me be brief: you configure the ACL on R3 and apply it to the interface lo2 as inbound.