Golgappa.net | Golgappa.org | BagIndia.net | BodyIndia.Com | CabIndia.net | CarsBikes.net | CarsBikes.org | CashIndia.net | ConsumerIndia.net | CookingIndia.net | DataIndia.net | DealIndia.net | EmailIndia.net | FirstTablet.com | FirstTourist.com | ForsaleIndia.net | IndiaBody.Com | IndiaCab.net | IndiaCash.net | IndiaModel.net | KidForum.net | OfficeIndia.net | PaysIndia.com | RestaurantIndia.net | RestaurantsIndia.net | SaleForum.net | SellForum.net | SoldIndia.com | StarIndia.net | TomatoCab.com | TomatoCabs.com | TownIndia.com
Interested to Buy Any Domain ? << Click Here >> for more details...

  1. Categories >> Certifications >> Cisco Certifications >> CCNA
  2. Suggest New Category

what is the basic rules for ACLs?

Question Posted / vikram pratap singh

Answers were Sorted based on User's Feedback



what is the basic rules for ACLs?..

Answer / jitendera

These basic rules should be followed when creating and
applying access lists:

One access list per protocol per direction.
Standard IP access lists should be applied closest
to the
destination.
Extended IP access lists should be applied closest
to the
source

only these two fundamental are the rules of the access-list

Is This Answer Correct ?    4 Yes 0 No

what is the basic rules for ACLs?..

Answer / jitendra

shaen u r right but it is not like that what are u telling
in the 4 point all are included in these three part.

1 One access list per protocol per direction.
2 Standard IP access lists should be applied closest
to the
destination.
3 Extended IP access lists should be applied closest
to the source

Is This Answer Correct ?    4 Yes 0 No

what is the basic rules for ACLs?..

Answer / shahin

Basic rules for ACLs are -


1. All deny statement have to be given first.

2. There should be at least one permit statement.

3. An implicit deny block all the traffic by default, when
there is no match.

4. We can configure one access-list per interface per
direction i.e. two ACL per interface. One in inbound
direction & one in outbound direction.

5. ACL works in sequential order.

6. Editing of access-list is not possible i.e. selecting,
adding or removing access-list statement is not possible.

Is This Answer Correct ?    3 Yes 0 No

what is the basic rules for ACLs?..

Answer / vikram pratap singh

These basic rules should be followed when creating and
applying access lists:

One access list per protocol per direction.
Standard IP access lists should be applied closest to the
destination.
Extended IP access lists should be applied closest to the
source.
Use the inbound or outbound interface reference as if
looking at the port from inside the router.
Statements are processed sequentially from the top of list
to the bottom until a match is found, if no match is found
then the packet is denied.
There is an implicit deny at the end of all access lists.
This will not appear in the configuration listing.
Access list entries should filter in the order from
specific to general. Specific hosts should be denied first,
and groups or general filters should come last.
Never work with an access list that is actively applied.
New lines are always added to the end of the access list.
A no access-list x command will remove the whole list. It
is not possible to selectively add and remove lines with
numbered ACLs.
Outbound filters do not affect traffic originating from the
local router.
There are many show commands that will verify the content
and placement of ACLs on the router.

The show ip interface command displays IP interface
information and indicates whether any ACLs are set.

The show access-lists command displays the contents of all
ACLs on the router.

show access-list 1 shows just access-list 1.

The show running-config command will also reveal the access
lists on a router and the interface assignment information.

Is This Answer Correct ?    2 Yes 0 No

Post New Answer

More CCNA Interview Questions

How often does IP RIP send out routing table updates by default? A.) They send complete updates every 30 seconds B.) They send partial updates every 30 seconds C.) They send complete updates every 60 seconds D.) They send partial updates every 60 seconds

2 Answers  

What is ospf? Describe it.

0 Answers  

By default, Cisco routers forward GNS SAPs to remote networks. A. False B. True

1 Answers  

What is a characteristic of Store and Forward switches? A.) They work at wire speed. B.) They are the same as Cut-Through switching in 'prune' mode. C.) They forward based on transport layer info. D.) They forward the frame before it is completely read. E.) They increase latency.

2 Answers  

Identify the following components of the IPX address 2e.0000.0065.ed43 A.) Not a valid IPX address B.) Network = 2e, Subnet = 0000, Node = 0065.ed43 C.) Network = 2e.0000, Node = 0065.ed43 D.) Network = 2e, Node = 0000.0065.ed43

1 Answers  

In stead of 0.0.0.0 wild card mask what you can write after ip?

0 Answers  

what is difference between hub and switch?

7 Answers   IBM,

You are a system administrator and you want to deny access to a group of computers with addresses 172.30.16.0 to 172.30.31.0. Which wildcard mask would you use? A. 0.0.15.255 B. 0.0.255.255 C. 0.0.31.255 D. 0.0.127.255 E. 0.0.255.255

1 Answers  

Identify 3 characteristics of an IP address? A.) Contains a network portion and a host portion B.) 32 bits long C.) Unique to each network D.) Part of the default Cisco configuration E.) Referred to as the hardware address

1 Answers  

What do you use the Aux port for? A.) Console B.) Terminal editing C.) Modem D.) Backup logging

1 Answers  

Which table find best path?

0 Answers  

Hi, Can any one please tell me the experience of their CCNA interview,and please tell me all the questions they asked in the interview. Many Thanks...

0 Answers   HCL,

For more CCNA Interview Questions Click Here
Categories