Best Practice for where to apply ACL's on a router

Unanswered Question
Apr 16th, 2007
User Badges:

I have a 1760 router with a 4 port ethernet card. It has the Vlan1 int on it for f0/0 in the IOS. I need to apply an ACL to that interface/subnet with the phyical cable in f0/0 and ip range of vlan1. When appling the ACL should I apply it to the physical interface or the Vlan (mgt) interface. What is the best practice and is there any docs on this on cisco?



  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4.5 (2 ratings)
Richard Burts Mon, 04/16/2007 - 09:59
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN


The f0/0 is operating as a switch port and as such you can not apply the access list directly to the physical interface. You should apply the access list to the vlan interface.




This Discussion