Interested to Buy Any Domain ? << Click Here >> for more details...
what is the basic rules for ACLs?
- 4 Answers
- 11403 Views
- I also Faced
- E-Mail Answers
Answers were Sorted based on User's Feedback
Answer / jitendera
These basic rules should be followed when creating and
applying access lists:
One access list per protocol per direction.
Standard IP access lists should be applied closest
to the
destination.
Extended IP access lists should be applied closest
to the
source
only these two fundamental are the rules of the access-list
| Is This Answer Correct ? | 4 Yes | 0 No |
Answer / jitendra
shaen u r right but it is not like that what are u telling
in the 4 point all are included in these three part.
1 One access list per protocol per direction.
2 Standard IP access lists should be applied closest
to the
destination.
3 Extended IP access lists should be applied closest
to the source
| Is This Answer Correct ? | 4 Yes | 0 No |
Basic rules for ACLs are -
1. All deny statement have to be given first.
2. There should be at least one permit statement.
3. An implicit deny block all the traffic by default, when
there is no match.
4. We can configure one access-list per interface per
direction i.e. two ACL per interface. One in inbound
direction & one in outbound direction.
5. ACL works in sequential order.
6. Editing of access-list is not possible i.e. selecting,
adding or removing access-list statement is not possible.
| Is This Answer Correct ? | 3 Yes | 0 No |
Answer / vikram pratap singh
These basic rules should be followed when creating and
applying access lists:
One access list per protocol per direction.
Standard IP access lists should be applied closest to the
destination.
Extended IP access lists should be applied closest to the
source.
Use the inbound or outbound interface reference as if
looking at the port from inside the router.
Statements are processed sequentially from the top of list
to the bottom until a match is found, if no match is found
then the packet is denied.
There is an implicit deny at the end of all access lists.
This will not appear in the configuration listing.
Access list entries should filter in the order from
specific to general. Specific hosts should be denied first,
and groups or general filters should come last.
Never work with an access list that is actively applied.
New lines are always added to the end of the access list.
A no access-list x command will remove the whole list. It
is not possible to selectively add and remove lines with
numbered ACLs.
Outbound filters do not affect traffic originating from the
local router.
There are many show commands that will verify the content
and placement of ACLs on the router.
The show ip interface command displays IP interface
information and indicates whether any ACLs are set.
The show access-lists command displays the contents of all
ACLs on the router.
show access-list 1 shows just access-list 1.
The show running-config command will also reveal the access
lists on a router and the interface assignment information.
| Is This Answer Correct ? | 2 Yes | 0 No |
What should be the first command to create an access-list that prevents all users on subnetwork 10.10.128.0, using subnet mask 255.255.192.0, from being able to telnet anywhere? A.) access-list 101 deny tcp 10.10.128.0 0.0.63.255 any eq telnet B.) access-list 101 deny tcp 10.10.128.0 255.255.0.0 any eq telnet C.) access-list 101 deny tcp 10.10.128.0 255.255.192.0 any eq telnet D.) access-list 101 deny tcp 10.10.128.0 0.0.192.255 any eq telnet E.) access-list 101 deny tcp 10.10.128.0 0.0.128.255 any eq telnet F.) access-list 101 deny tcp 10.10.128.0 0.0.127.255 any eq telnet
Which is true regarding store-and-forward switching method? A.) Latency varies depending on frame-length B.) Latency is constant C.) It is default for all Cisco switches D.) It only reads the destination hardware address before forwarding the frame
What are 10baset ethernet lans?
Identify 2 PPP characteristics? A.) Is proprietary to Cisco B.) Supports authentication C.) Support compression D.) Run on a multi-access network
You can access three forms of WAN services with Cisco routers. Select the three forms: A. Switched or relayed services B. Interface front end to IBM enterprise data center computers C. Using protocols that connect peer-to-peer devices like HDLC or PPP encapsulation. D. IPX/SPX E. NetBEUI
Which three types of connectors are commonly associated with Cisco's V.35 serial cables? (Choose three.) 0 RJ 11 1 DB 60 2 Winchester 15 pin 3 DB 9 4 smart serial 5 RJ 45
What are the netbios and netbeui?
What is formula of hold down time of eigrp protocol?
Which command enables directly connected network 199.55.72.0 to be used by RIP? A. Router(config router)# rip 199.55.0.0 B. Router(config router)# rip 199.55.72.0 C. Router(config router)# network 199.55.0.0 D. Router(config router)# network 199.55.72.0
Choose three reasons why the networking industry uses a layered model: A.) It facilitates systematic troubleshooting B.) It allows changes in one layer to occur without changing other layers C.) It allows changes to occur in all layers when changing one protocol D.) It clarifies how to do it rather than what general function to be done E.) It clarifies what general function is to be done rather than how to do it
What is the ieee standard for wireless networking?
hi... i am a beginner to CCNA... i find it hard understandin collision domain n broadcast domain.. please don tell me the definition.. i read the definitions many times... i need a more detailed explanation... like whn i read the definition it sounds simple... but i don understand whn they say it like a hub has one collision domain and one broadcast domain... and if collisions happen inside collision domain... i am confused... please help me... :(
CCNA 
