Golgappa.net | Golgappa.org | BagIndia.net | BodyIndia.Com | CabIndia.net | CarsBikes.net | CarsBikes.org | CashIndia.net | ConsumerIndia.net | CookingIndia.net | DataIndia.net | DealIndia.net | EmailIndia.net | FirstTablet.com | FirstTourist.com | ForsaleIndia.net | IndiaBody.Com | IndiaCab.net | IndiaCash.net | IndiaModel.net | KidForum.net | OfficeIndia.net | PaysIndia.com | RestaurantIndia.net | RestaurantsIndia.net | SaleForum.net | SellForum.net | SoldIndia.com | StarIndia.net | TomatoCab.com | TomatoCabs.com | TownIndia.com
Interested to Buy Any Domain ? << Click Here >> for more details...

  1. Categories >> Certifications >> Cisco Certifications >> CCNA
  2. Suggest New Category

what is the basic rules for ACLs?

Question Posted / vikram pratap singh

Answer Posted / vikram pratap singh

These basic rules should be followed when creating and
applying access lists:

One access list per protocol per direction.
Standard IP access lists should be applied closest to the
destination.
Extended IP access lists should be applied closest to the
source.
Use the inbound or outbound interface reference as if
looking at the port from inside the router.
Statements are processed sequentially from the top of list
to the bottom until a match is found, if no match is found
then the packet is denied.
There is an implicit deny at the end of all access lists.
This will not appear in the configuration listing.
Access list entries should filter in the order from
specific to general. Specific hosts should be denied first,
and groups or general filters should come last.
Never work with an access list that is actively applied.
New lines are always added to the end of the access list.
A no access-list x command will remove the whole list. It
is not possible to selectively add and remove lines with
numbered ACLs.
Outbound filters do not affect traffic originating from the
local router.
There are many show commands that will verify the content
and placement of ACLs on the router.

The show ip interface command displays IP interface
information and indicates whether any ACLs are set.

The show access-lists command displays the contents of all
ACLs on the router.

show access-list 1 shows just access-list 1.

The show running-config command will also reveal the access
lists on a router and the interface assignment information.

Is This Answer Correct ?    2 Yes 0 No



Post New Answer       View All Answers


Please Help Members By Posting Answers For Below Questions

What is the draw back of eigrp protocol?

1166

What is 10base5 ethernet lans?

1080

If there is only 2 host in bus topology is that possible collision accord?

1101

Explain how many types of ips?

3727

Tell me when we use extended access-list?

1455

Explain the difference between half-duplex and full-duplex?

1258

Which ipsec rule is used for the olympia branch and what does it define?

1139

When ospf protocol advertise its routing table?

1166

Define autonomous system (as)?

1230

What is the function of application layer in networking?

1066

How arp brings mac address for switch?

1043

Which updates called incremental updates?

1130

What is the cladding?

1223

which defined peer ip address an local subnet belong to crete? (Choose two)

1111

After how long eigrp protocol advertise its routing table?

1150