General ACL question

Dec 21st, 2007

Can someone explain or point me to an explanation on how to determine whether an ACL should be placed inbound or outbound on an interface? I seem to be having trouble trying to grasp the concept of an interface being either inbound or outbound when traffic passes through it both ways.

acomiskey Fri, 12/21/2007 - 07:51

Inbound and Outbound can be deceiving. You have to look at it as 'in or out' of the physical port. For instance, traffic flowing from inside your firewall to outside would generally be considered outbound traffic. But technically this really is inbound to the inside interface and outbound from the outside interface. So to write an ACL for this traffic you would have two options: an access list applied into the inside interface or out of the outside interface. Hope that helps a little.
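The reply's two placement options can be checked with a small model. This is an added example, not part of the original thread: a stateless toy firewall in Python where every packet is tested "in" on its ingress interface and "out" on its egress interface. The addresses, the Telnet rule and all function names are constructed for illustration.

```python
# Added illustration: a toy two-check model of interface ACL direction.
# Interface names follow the thread; addresses and the rule are constructed.
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional

@dataclass(frozen=True)
class Rule:
    action: str            # "permit" or "deny"
    src: str               # source network in CIDR form
    dst: str               # destination network in CIDR form
    dport: Optional[int]   # None matches any destination port

    def matches(self, pkt):
        return (ip_address(pkt["src"]) in ip_network(self.src)
                and ip_address(pkt["dst"]) in ip_network(self.dst)
                and self.dport in (None, pkt["dport"]))

def check(acl, pkt):
    """First match wins; this toy model permits when no ACL is bound."""
    if acl is None:
        return True
    for rule in acl:
        if rule.matches(pkt):
            return rule.action == "permit"
    return False  # implicit deny at the end of a bound ACL

def forward(bindings, ingress, egress, pkt):
    """A packet goes IN the ingress port, then OUT the egress port."""
    if not check(bindings.get((ingress, "in")), pkt):
        return f"dropped in {ingress}"
    if not check(bindings.get((egress, "out")), pkt):
        return f"dropped out {egress}"
    return "forwarded"

# Constructed policy: block Telnet from the inside LAN, allow everything else.
ACL = [Rule("deny", "10.0.0.0/24", "0.0.0.0/0", 23),
       Rule("permit", "0.0.0.0/0", "0.0.0.0/0", None)]
TELNET = {"src": "10.0.0.5", "dst": "198.51.100.7", "dport": 23}
REPLY = {"src": "198.51.100.7", "dst": "10.0.0.5", "dport": 40000}

def demo():
    on_inside_in = {("inside", "in"): ACL}     # option 1 from the reply
    on_outside_out = {("outside", "out"): ACL} # option 2 from the reply
    on_outside_in = {("outside", "in"): ACL}   # wrong direction for this flow
    return [forward(on_inside_in, "inside", "outside", TELNET),
            forward(on_outside_out, "inside", "outside", TELNET),
            forward(on_outside_in, "inside", "outside", TELNET),
            forward(on_inside_in, "outside", "inside", REPLY)]
```

Both placements named in the reply stop the inside-to-outside flow, while the same ACL bound "in" on the outside interface is never consulted for it; traffic leaving through the inside interface is likewise not checked against an ACL bound "in" there.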
