Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
539
Views
0
Helpful
4
Replies

standard ACL in the firewall and in the router

Go to solution
hanyawad
Level 1
Level 1

‎04-27-2010 05:08 PM - edited ‎03-11-2019 10:38 AM

dear experts,

hello

i know that the standard ACL syntax in the router we mention the SOURCE ip address,right?

but when i read a configuration guid file for the standard ACL in the ASA firewall in cisco.com i found that we mention the DESTINATION

ip address...

so this difference in the same type of ACL  in the router and the ASA is right and logical ?

thanks for your reply,

labib makar

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Federico Coto Fajardo
VIP Alumni
VIP Alumni
In response to hanyawad

‎04-27-2010 06:38 PM

Hey labib,

I have not realized this until now!

I always use extended ACLs for everything and it's been a while since using a standard ACL.

You are 100% correct and on the ASA, the standard ACL is based on destination (not source) as opposed to IOS.

I've seen standard ACLs on ASA for split-tunneling and for OSPF configuration in route-maps.

Good one!

Federico.

View solution in original post

0 Helpful
4 Replies 4

Go to solution
Federico Coto Fajardo
VIP Alumni
VIP Alumni

‎04-27-2010 05:11 PM

Hi,

Standard ACLs always reference the source.

What is the document that you're referring to?

Federico.

0 Helpful

Go to solution
hanyawad
Level 1
Level 1
In response to Federico Coto Fajardo

‎04-27-2010 05:54 PM

hi federico,

first thanks for your reply

i sent you the link of the configuration guid that says that in cisco.com in one of the technical document.

and another print screen image from the book i'm reading that says the same. ( the name of the book in the title bar of the printed page)

thanks for your help

labib

http://www.cisco.com/en/US/docs/security/asa/asa82/configuration/guide/acl_standard.html#wp1056837

0 Helpful

Go to solution
Federico Coto Fajardo
VIP Alumni
VIP Alumni
In response to hanyawad

‎04-27-2010 06:38 PM

Hey labib,

I have not realized this until now!

I always use extended ACLs for everything and it's been a while since using a standard ACL.

You are 100% correct and on the ASA, the standard ACL is based on destination (not source) as opposed to IOS.

I've seen standard ACLs on ASA for split-tunneling and for OSPF configuration in route-maps.

Good one!

Federico.

0 Helpful

Go to solution
hanyawad
Level 1
Level 1
In response to Federico Coto Fajardo

‎04-27-2010 07:02 PM

ok federico it is clear for me now, thanks alot for your efforts

labib

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card