|
Home > Archive > CCNA > August 2004 > ACL question
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
|
|
| Warfare 2004-08-05, 10:20 pm |
| I am reading up bits and pieces about ACL. This is planned for the next few weeks but I want to have time practicing it already.
I understand the syntax and how to create them, how to create the mask/filter
but what confuses me about standard and extended ip acl is when applying to interfaces, IN or OUT.
I am thinking in the terms of some PC firewalls I used to configure, every thing that comes in fom the big bad internet is IN, and everything my poor machine sends to the outside world is OUT.
but cisco router has mutiple interfaces, hooked to multiple routers. IN and OUT confuse me a bit.
I would appreciate any hints on this issue. | |
| Boulware5 2004-08-05, 11:33 pm |
| This also did and still does confuse the heck out of me. | |
|
|
| dmaftei 2004-08-06, 9:48 am |
| quote:
Originally posted by Warfare
but what confuses me about standard and extended ip acl is when applying to interfaces, IN or OUT.
Picture yourself sitting inside the router, surrounded by interfaces. IN is towards you, OUT is from you. | |
| Warfare 2004-08-07, 4:14 am |
| That cisco paper helped a great deal, along with an old Sybex guide.
Correct me if I am wrong, it is the same idea as the usual firewall , except this time, its not just one interface with IN/OUT but multiple interfaces, but the basic idea stays the same. traffic that comes through an interface is IN, and trafic that is leaving the interface is OUT.
Generally, I am finding ACL's an interesting topic. | |
|
| You've got it.
ACL's are used for so many other things, other than restricting access to interfaces - it's well worth grasping them now. |
|
|
|
|