can an ACL destination be an int?

Unanswered Question
Jan 19th, 2003
User Badges:

can the destination of an extended ip access list be an interface? this is what i have. the routers e0/0 ip is obtained through DHCP so i don't know what the ip will be but i want the acl desitnation to be the ip on that int. so can i just reference the interface?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
lgijssel Mon, 01/20/2003 - 06:23
User Badges:
  • Red, 2250 points or more

ACL destination??

You are confusing routes and access-lists my friend!

These are two completely different things.

m.matteson Mon, 01/20/2003 - 14:02
User Badges:

sorry i didn't explain my situtaion good enough. my external ip of the router running nat gets it ip through dhcp. i know that i can specify the interface to perform overload on. which is good cause i don't "know" the ip of my external interface cause it is dhcp. i was wondering if i could apply the same concept to an access list. instead of specifying the desitnation ip can i specify the external interface of the router instead because the ip would likly change and if i threw in a static ip into the acl i would have to change them each and every time i renewed/released an ip. doable? it would be great if i got a "yes" from someone. haha thanks.

a.manosca Mon, 01/20/2003 - 18:07
User Badges:
  • Bronze, 100 points or more

Hi, from the ACL command reference, there's no option to use 'interface' as the destination address or network, as well as source. One solution is to use static DHCP in the server for the router's e0/0 MAC address so that everytime the router requests for an IP via DHCP, it will always get the same address, then you can use that address for your ACL.

Hope this helps.


This Discussion