Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Access Control List Directions "In" and "Out"

Sorry about the elementary nature of this question. When an ACL is applied to say a VLAN's SVI in this way;

interface Vlan111

ip address 10.10.10.10 255.255.255.0

ip access-group 111 in

or

ip access-group 112 out

..does the traffic direction "in" refer to traffic towards the SVI from Vlan111 only or also towards the networks and associated SVIs from other VLANs across the routing engine as well? Similarly, would "out" refer to traffic towards VLAN 111 only from (through) it's SVI or also towards other SVI's across the routing engine? Thank you for any information.

  • Other Network Infrastructure Subjects
3 REPLIES
New Member

Re: Access Control List Directions "In" and "Out"

Sorry the first sentence in my last paragraph should read;

..does the traffic direction "in" refer to traffic towards the SVI from Vlan111 only or also towards it from the networks and associated SVIs from other VLANs across the routing engine as well?

Hall of Fame Super Silver

Re: Access Control List Directions "In" and "Out"

Bob

The direction in which the access list is applied is from the prespective of the router/switch. So an access list applied "in" will filter traffic from the devices attached in that VLAN coming into the router/switch to be routed. And an access list applied "out" will filter traffic from other VLANs routed out that VLAN to the attached devices.

HTH

Rick

New Member

Re: Access Control List Directions "In" and "Out"

Thank you Rick!

155
Views
5
Helpful
3
Replies