Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Where to place this extended ACL?

hi,


i need to create an extended access list to deny one host and allow other hosts to browse internet. All are connected at router's fa0/0 interface. where should be the proper place to apply the ACL? Fa0/0 inbound or as outbound to the proper Serial interface?

2 REPLIES
Cisco Employee

Re: Where to place this extended ACL?

Inbound to fa0/0 if all your internal networks are connected to fa0/0.

Pls make sure that you configure the deny statement first for the host that you would like to block, then "permit ip any any" statement after that.

Hope that helps.

Re: Where to place this extended ACL?

hi,


i need to create an extended access list to deny one host and allow other hosts to browse internet. All are connected at router's fa0/0 interface. where should be the proper place to apply the ACL? Fa0/0 inbound or as outbound to the proper Serial interface?

As per the basics of ACL place the acl to close to the source and as suggedted place in direction in Fa0/0.

First statement should be deny one and second one should be permit ip any one.

Hope to Help !!

Ganesh.H

801
Views
0
Helpful
2
Replies
CreatePlease to create content