ExamNotes.net - IT certification portal

ForumsCertResearchTop sitesNewslettersFree email
HomeRegister


Exams Notes
Practice exams
Exam games
Questions by email
Online training
Training videos
College degrees
Boot camps
Book store
Links directory
Tell a friend
For webmasters


Cisco > CCNA > access-group 10 in or put?
Show a Printable Version
Email This Page to Someone!
Receive updates to this thread


Author access-group 10 in or put?
imyty
Member




Registered: Nov 2000
Location:
Country:
State:
Certifications:
Working on:

Total Posts: 84
Question

What's difference between in and out?When should I use in or out?

Report this post to a moderator

Old Post 12-02-00 02:04 PM
imyty is offline Click Here to See the Profile for imyty Click here to Send imyty a Private Message Add imyty to your buddy list Find more posts by imyty Reply w/Quote Edit/Delete Message IP: Logged
nomad
Junior Member




Registered: Dec 2000
Location: Heidelberg Germany
Country:
State:
Certifications:
Working on:

Total Posts: 7
Post

From the Question you are setting a standard IP Access list (1-99) on a router port, and as a rule of thumb it is best to set standard lists "closest to the source" and extended "Closest to the Destination". The in or out... you want to filter the packets that are coming or going so do you want to stop this ip from leaving or entering your router? you can set the access-group in and out just requires more CPU process to filter all the packets...

Report this post to a moderator

Old Post 12-02-00 03:46 PM
nomad is offline Click Here to See the Profile for nomad Click here to Send nomad a Private Message Add nomad to your buddy list Find more posts by nomad Reply w/Quote Edit/Delete Message IP: Logged
CyDiver
Member
M



Registered: Oct 2000
Location: Stockholm
Country: SWEDEN
State:
Certifications:
Working on: CCIE

Total Posts: 68
Post

An IN access-group blocks traffic going into the routerand an OUT blocks traffic going out of the router.

Use IN access-group if you will be blocking traffic to all networks that are connected to the router.

Use OUT access-group if you want to block traffic to a specicfic network/interface but allow the traffic to the other networks on the router!!

Hope this helps!!

Cy..-

[This message has been edited by CyDiver (edited 12-02-2000).]

Report this post to a moderator

Old Post 12-02-00 05:42 PM
CyDiver is offline Click Here to See the Profile for CyDiver Click here to Send CyDiver a Private Message Add CyDiver to your buddy list Find more posts by CyDiver Reply w/Quote Edit/Delete Message IP: Logged
firechicken
Senior Member/Citizen




Registered: Nov 2000
Location:
Country: United States
State: OR
Certifications: Comp TIA D Minus Certified
Working on: Food Handler

Total Posts: 467
Post

Hi imyty,

Here's another way you can think of it.

Think of the router as your house where people walk in and out all day long. Think of the router ports as doors to your house.

If you want to keep people from coming in to your house, you would apply the ACL as IN.

If you want to keep people from going out of your house, apply the ACL as OUT.


This is a generic as heck explanation, but hopefully it might help!

Report this post to a moderator

Old Post 12-02-00 08:55 PM
firechicken is offline Click Here to See the Profile for firechicken Click here to Send firechicken a Private Message Add firechicken to your buddy list Find more posts by firechicken Reply w/Quote Edit/Delete Message IP: Logged
imyty
Member




Registered: Nov 2000
Location:
Country:
State:
Certifications:
Working on:

Total Posts: 84
Talking

Now I know,just as input and output.Thanks a lot.

Report this post to a moderator

Old Post 12-02-00 11:16 PM
imyty is offline Click Here to See the Profile for imyty Click here to Send imyty a Private Message Add imyty to your buddy list Find more posts by imyty Reply w/Quote Edit/Delete Message IP: Logged
aktribes
Senior Member




Registered: Aug 2000
Location: Anch, AK, USA
Country: US
State:
Certifications: CCNA
Working on: CCNP

Total Posts: 381
Post

Thats a great analogy. I always used it from the perspective of the router interface but you story is nicer to remember!

Report this post to a moderator

Old Post 12-03-00 12:18 AM
aktribes is offline Click Here to See the Profile for aktribes Click here to Send aktribes a Private Message Add aktribes to your buddy list Find more posts by aktribes Reply w/Quote Edit/Delete Message IP: Logged
haubest
Senior Member




Registered: Nov 2000
Location: North Hills, CA, USA
Country:
State:
Certifications:
Working on:

Total Posts: 181
Talking

In response to nomad's reply, according to Sybex you should place standard access lists as close to the destination as possible and extended access lists should be placed as close to the source as possible. Any other thoughts on this?

Report this post to a moderator

Old Post 12-03-00 07:41 AM
haubest is offline Click Here to See the Profile for haubest Click here to Send haubest a Private Message Add haubest to your buddy list Find more posts by haubest Reply w/Quote Edit/Delete Message IP: Logged
All times are GMT.
Post new thread   Post reply


Forum Jump:
Rate This Thread:
Forum Rules:
Who Can Read The Forum? Any registered user or guest.
Who Can Post New Topics? Any registered user.
Who Can Post Replies? Any registered user.
Changes: Messages can be edited by their author.
Posts: HTML code is OFF. Smilies are ON. vB code is ON. [IMG] code is ON.		  

ExamNotes forum archive

Copyright © 1999 - 2006 ExamNotes.net Inc. All rights reserved.

Powered by: vBulletin 2.2.8
Copyright ©2000, Jelsoft Enterprises Limited.

  Free Braindumps | mcse braindumps