Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

Access-list isn't working

I want that no packet leaves f0/0 (R2).

 

These are my configurations:

 

R1:

 

!

interface FastEthernet0/0

 ip address 192.168.1.1 255.255.255.0

!

 

 

R2:

 

!

interface FastEthernet0/0

 ip address 192.168.1.2 255.255.255.0

 ip access-group 101 out

!

access-list 101 deny ip any any

!

Everyone's tags (1)
1 ACCEPTED SOLUTION

Accepted Solutions
Hall of Fame Super Gold

Given the configs shown in

Given the configs shown in the original post R2 will be able to ping R1 and I am guessing that this (or something very similar) is what leads the original poster to say that the ACL is not working.

 

The issue here is that an access list applied outbound on an interface will not process traffic that is generated by the router itself. The ACL shown will be very effective in preventing transit traffic (traffic that came from somewhere to R2 and to be forwarded out f0/0). But it will not work on packets generated by R2.

 

HTH

 

Rick

2 REPLIES
Community Member

Hello rcpoemrvt,You are

Hello rcpoemrvt,

You are applied access-list on R2's FastEthernet0/0 interface outbound direction. 

 

This configuration is perfect.. Please let me know how you are checking and what issue you are facing.

Also check you are getting hits in access-list or not.

Hall of Fame Super Gold

Given the configs shown in

Given the configs shown in the original post R2 will be able to ping R1 and I am guessing that this (or something very similar) is what leads the original poster to say that the ACL is not working.

 

The issue here is that an access list applied outbound on an interface will not process traffic that is generated by the router itself. The ACL shown will be very effective in preventing transit traffic (traffic that came from somewhere to R2 and to be forwarded out f0/0). But it will not work on packets generated by R2.

 

HTH

 

Rick

90
Views
5
Helpful
2
Replies
CreatePlease to create content