| Author |
ACL question- URGENT !!
|
|
|
| Xref: nntp3.aus1.giganews.com alt.certification.cisco:82224
hello ! i need your help !
i want to define a named ACL
now it suppose to include both incoming and outgoing traffic
do i use the same ACL name and just adds in / out like i did or do i need
two different ACL's for that on the same interface ?
!
inter fa3/3:1
ip address x.x.x.x x.x.x.x
ip access-group Ho-No in
ip access-group Ho-No out
no ip proxy-arp
logging event link-status
duplex full
speed 100
!
ip access-list extended Ho-No
permit icmp x.x.x.x x.x.x.x x.x.x.x x.x.x.x
permit icmp x.x.x.x x.x.x.x x.x.x.x x.x.x.x
deny ip any any
!
thank you
Ho No
| |
|
| You can you use the same ACL for in/out.
Doan
On Wed, 19 Feb 2003, HoNo wrote:
> hello ! i need your help !
> i want to define a named ACL
> now it suppose to include both incoming and outgoing traffic
> do i use the same ACL name and just adds in / out like i did or do i need
> two different ACL's for that on the same interface ?
>
> !
> inter fa3/3:1
> ip address x.x.x.x x.x.x.x
> ip access-group Ho-No in
> ip access-group Ho-No out
> no ip proxy-arp
> logging event link-status
> duplex full
> speed 100
> !
>
> ip access-list extended Ho-No
> permit icmp x.x.x.x x.x.x.x x.x.x.x x.x.x.x
> permit icmp x.x.x.x x.x.x.x x.x.x.x x.x.x.x
> deny ip any any
>
> !
>
>
>
> thank you
> Ho No
>
>
>
| |
|
| If you are going to permit certain traffic in and different traffic out you
need 2 ACLs.
--
tmack
HoNo <hono@whathell.com> wrote in message news:3e548564$1@news.012.net.il...
> hello ! i need your help !
> i want to define a named ACL
> now it suppose to include both incoming and outgoing traffic
> do i use the same ACL name and just adds in / out like i did or do i need
> two different ACL's for that on the same interface ?
>
> !
> inter fa3/3:1
> ip address x.x.x.x x.x.x.x
> ip access-group Ho-No in
> ip access-group Ho-No out
> no ip proxy-arp
> logging event link-status
> duplex full
> speed 100
> !
>
> ip access-list extended Ho-No
> permit icmp x.x.x.x x.x.x.x x.x.x.x x.x.x.x
> permit icmp x.x.x.x x.x.x.x x.x.x.x x.x.x.x
> deny ip any any
>
> !
>
>
>
> thank you
> Ho No
>
>
>
| |
|
| I assume you are talking about IP access-lists. Yes. You can apply one
inbound and one outbound on the same interface. Each can control traffic in
only one direction.
--
tmack
Tom <tmack@yahoo.com> wrote in message
news:%rZ5a.2880$Ut.575254768@newssvr13.news.prodigy.com...
> If you are going to permit certain traffic in and different traffic out
you
> need 2 ACLs.
>
> --
> tmack
> HoNo <hono@whathell.com> wrote in message
news:3e548564$1@news.012.net.il...
> > hello ! i need your help !
> > i want to define a named ACL
> > now it suppose to include both incoming and outgoing traffic
> > do i use the same ACL name and just adds in / out like i did or do i
need
> > two different ACL's for that on the same interface ?
> >
> > !
> > inter fa3/3:1
> > ip address x.x.x.x x.x.x.x
> > ip access-group Ho-No in
> > ip access-group Ho-No out
> > no ip proxy-arp
> > logging event link-status
> > duplex full
> > speed 100
> > !
> >
> > ip access-list extended Ho-No
> > permit icmp x.x.x.x x.x.x.x x.x.x.x x.x.x.x
> > permit icmp x.x.x.x x.x.x.x x.x.x.x x.x.x.x
> > deny ip any any
> >
> > !
> >
> >
> >
> > thank you
> > Ho No
> >
> >
> >
>
>
>
|
|
|
|