Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

access lists

Hi all, for the ccna exam, if it asks me about applying access lists, where are they best applied, closest to source or dest ?

4 REPLIES
Gold

Re: access lists

- place extended access list close to the source

- place standard access list close to the destination

M.

New Member

Re: access lists

thanks for that, is there a reason for it ?

New Member

Re: access lists

Coz standard access lists can only filter based on source IP. If you place it close to source, all traffic will be blocked.Thats why you place it close to destination.

Extended access list can do fine filtering based on ports and protocols.So you place it close to source so you can filter the traffic before it takes up your precious bandwidth!!

Hope this helps.

New Member

Re: access lists

Hi

the router you are working is source and destination 2 ( inbound and outbound)

So when you want to restrict you inbound traffic to outbound you implement access list in inbound

and when you want to restrict your outbound traffic to enter into your domain then you implement access list in your outbound interface......

Hope this may helps you

136
Views
9
Helpful
4
Replies
CreatePlease login to create content