access-list !

here is the scene

[ROUTER]

e0/0 12.2.1.1 ( on the LHS)
e0/1 12.1.1.2 ( on the RHS)

the access list is applied inbound to e0/1

# access-list 150 deny ip 12.1.1.0 0.0.0.255 any log
now suppose a user on the 12.1.1.0 sends out a request wnt it be blocked by the e0/1 when it comes back with the request

Find more posts tagged with

Save $250 on 2025 certification boot camps from Infosec!

Book now with code EOY2025

Button

Comments

blackninja

nanga wrote: »

here is the scene
[ROUTER]
e0/0 12.2.1.1 ( on the LHS)
e0/1 12.1.1.2 ( on the RHS)

the access list is applied inbound to e0/1

# access-list 150 deny ip 12.1.1.0 0.0.0.255 any log
now suppose a user on the 12.1.1.0 sends out a request wnt it be blocked by the e0/1 when it comes back with the request

The packet will be dropped by the inbound ACL before it reaches it's dest

gig

If I'm not mistaken. With that access list applied, no packets will pass thru the interface it was applied to without a "permit any" line in the access list.

blackninja

gig wrote: »

If I'm not mistaken. With that access list applied, no packets will pass thru the interface it was applied to without a "permit any" line in the access list.

You are so right - you can have my ccna, as clearly need to re-earn it.....lol

gig

Haha. I just so happens I'm currently studying for my CCNA and one of the few things that stuck with me was when making a deny ACL, always make a permit line.

LT72884

gig wrote: »

If I'm not mistaken. With that access list applied, no packets will pass thru the interface it was applied to without a "permit any" line in the access list.

yeah by default ther is an empliciate deny all with any acl so you have to make sure to put permit any at the end or no traffic will pass