Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
284
Views
0
Helpful
2
Replies

Access Group In or Out

stalljoseph
Level 1
Level 1

‎08-14-2007 11:43 AM - edited ‎03-05-2019 05:54 PM

Please give a down and dirty again on access-lists on VLAN interfaces on a 6500 core. Say I have VLAN 10, and want to apply an ACL on it, when would I apply an IN and when would I use the OUT.

Thanks,

Labels:
0 Helpful
2 Replies 2

bjw
Level 4
Level 4

‎08-14-2007 11:45 AM

I just went through this. The IN is used on an SVI (Vlan), IN or OUT are used on physical interfaces.

0 Helpful

Richard Burts
Hall of Fame
Hall of Fame
In response to bjw

‎08-14-2007 12:19 PM

I am not sure why an SVI would be different from a physical interface. And I am not sure why out would not also be used on SVI interfaces.

Joe

Basically the in and out of access-group is from the perspective of the router/layer3 switch. So to examine packets from end stations on the interface/subnet you apply access-group in. And to examine packets going to end stations on the interface/subnet you apply the access-group out.

HTH

Rick

HTH

Rick
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card