Interested to Buy Any Domain ? << Click Here >> for more details...
what is the basic rules for ACLs?
- 4 Answers
- 11555 Views
- I also Faced
- E-Mail Answers
Answers were Sorted based on User's Feedback
Answer / jitendera
These basic rules should be followed when creating and
applying access lists:
One access list per protocol per direction.
Standard IP access lists should be applied closest
to the
destination.
Extended IP access lists should be applied closest
to the
source
only these two fundamental are the rules of the access-list
| Is This Answer Correct ? | 4 Yes | 0 No |
Answer / jitendra
shaen u r right but it is not like that what are u telling
in the 4 point all are included in these three part.
1 One access list per protocol per direction.
2 Standard IP access lists should be applied closest
to the
destination.
3 Extended IP access lists should be applied closest
to the source
| Is This Answer Correct ? | 4 Yes | 0 No |
Basic rules for ACLs are -
1. All deny statement have to be given first.
2. There should be at least one permit statement.
3. An implicit deny block all the traffic by default, when
there is no match.
4. We can configure one access-list per interface per
direction i.e. two ACL per interface. One in inbound
direction & one in outbound direction.
5. ACL works in sequential order.
6. Editing of access-list is not possible i.e. selecting,
adding or removing access-list statement is not possible.
| Is This Answer Correct ? | 3 Yes | 0 No |
Answer / vikram pratap singh
These basic rules should be followed when creating and
applying access lists:
One access list per protocol per direction.
Standard IP access lists should be applied closest to the
destination.
Extended IP access lists should be applied closest to the
source.
Use the inbound or outbound interface reference as if
looking at the port from inside the router.
Statements are processed sequentially from the top of list
to the bottom until a match is found, if no match is found
then the packet is denied.
There is an implicit deny at the end of all access lists.
This will not appear in the configuration listing.
Access list entries should filter in the order from
specific to general. Specific hosts should be denied first,
and groups or general filters should come last.
Never work with an access list that is actively applied.
New lines are always added to the end of the access list.
A no access-list x command will remove the whole list. It
is not possible to selectively add and remove lines with
numbered ACLs.
Outbound filters do not affect traffic originating from the
local router.
There are many show commands that will verify the content
and placement of ACLs on the router.
The show ip interface command displays IP interface
information and indicates whether any ACLs are set.
The show access-lists command displays the contents of all
ACLs on the router.
show access-list 1 shows just access-list 1.
The show running-config command will also reveal the access
lists on a router and the interface assignment information.
| Is This Answer Correct ? | 2 Yes | 0 No |
Hi I asking one thing that my company having cisco ip phone with connected to cisco poe switch.But sometime when my agent calling to customer on that time customer voice is break only few 2 to 3 sec.I have already checked my wan link by isp and also lan connection,but this problem is not sorted out so pls help me.
Which command will display Ethernet 0's IP address? A.) display ip address e0 B.) show ip interface e0 C.) show address e0 D.) sh ip address e0 E.) show all
the term which used for describe physical alyout of network mine answer-topology
Identify the 2 types of access-list filters that control SAP traffic? A.) Novell-ether B.) Arpa C.) Input-sap-filter D.) Round-robin E.) Output-sap-filter
What does the acronym ARP stand for? A.) Address Resolution Phase B.) ARP Resolution Protocol C.) Address Resolution Protocol D.) Address Recall Protocol
Why Operating System Have only 65,535 port Numbers
Explain isakmp ?
Identify the command to configure a description on an interface? A.) Router> description Finance department B.) Router(config)# description Finance department C.) Router(config-if)# description Finance department D.) Router# description Finance department
Choose three reasons why the networking industry uses a layered model: A.) It facilitates systematic troubleshooting B.) It allows changes in one layer to occur without changing other layers C.) It allows changes to occur in all layers when changing one protocol D.) It clarifies how to do it rather than what general function to be done E.) It clarifies what general function is to be done rather than how to do it
When ospf protocol advertise its routing table?
Identify the command to configure the router to boot from an IOS located on a TFTP server? A.) boot system tftp IOS.exe 172.16.5.1 B.) boot system tftp 172.16.5.1 IOS.exe C.) boot system flash tftp 172.16.5.1 D.) boot system IOS.exe 172.16.5.1
Which command listed below sets the banner message when someone connects to the router? A.) message # B.) banner # C.) login banner # D.) description # E.) login description # F.) banner motd #
CCNA 
