Golgappa.net | Golgappa.org | BagIndia.net | BodyIndia.Com | CabIndia.net | CarsBikes.net | CarsBikes.org | CashIndia.net | ConsumerIndia.net | CookingIndia.net | DataIndia.net | DealIndia.net | EmailIndia.net | FirstTablet.com | FirstTourist.com | ForsaleIndia.net | IndiaBody.Com | IndiaCab.net | IndiaCash.net | IndiaModel.net | KidForum.net | OfficeIndia.net | PaysIndia.com | RestaurantIndia.net | RestaurantsIndia.net | SaleForum.net | SellForum.net | SoldIndia.com | StarIndia.net | TomatoCab.com | TomatoCabs.com | TownIndia.com
Interested to Buy Any Domain ? << Click Here >> for more details...

  1. Categories >> Certifications >> Cisco Certifications >> CCNA
  2. Suggest New Category

what is the basic rules for ACLs?

Question Posted / vikram pratap singh

Answer Posted / vikram pratap singh

These basic rules should be followed when creating and
applying access lists:

One access list per protocol per direction.
Standard IP access lists should be applied closest to the
destination.
Extended IP access lists should be applied closest to the
source.
Use the inbound or outbound interface reference as if
looking at the port from inside the router.
Statements are processed sequentially from the top of list
to the bottom until a match is found, if no match is found
then the packet is denied.
There is an implicit deny at the end of all access lists.
This will not appear in the configuration listing.
Access list entries should filter in the order from
specific to general. Specific hosts should be denied first,
and groups or general filters should come last.
Never work with an access list that is actively applied.
New lines are always added to the end of the access list.
A no access-list x command will remove the whole list. It
is not possible to selectively add and remove lines with
numbered ACLs.
Outbound filters do not affect traffic originating from the
local router.
There are many show commands that will verify the content
and placement of ACLs on the router.

The show ip interface command displays IP interface
information and indicates whether any ACLs are set.

The show access-lists command displays the contents of all
ACLs on the router.

show access-list 1 shows just access-list 1.

The show running-config command will also reveal the access
lists on a router and the interface assignment information.

Is This Answer Correct ?    2 Yes 0 No



Post New Answer       View All Answers


Please Help Members By Posting Answers For Below Questions

What is the multicast routing?

1200

What is the command for change serial cost?

1123

What are the two types of transmission technology use in ccna?

1051

Differentiate full-duplex from half-duplex.

1105

Tell me how many hop counts are by default and how much you can increase in eigrp protocol?

1178

What is quality of ipv6?

1145

Mention what BOOTP is?

1121

What is mtu and what is its size for transmission?

1074

What is the subnetmask of / 27 in network based and host based?

1102

What is the attenuation?

1127

Utilizing RIP, what is the limit when it comes to number of hops?

1323

Explain dhcp scope?

986

Explain why is udp lease favored when compared to tcp?

1104

Referring to the commands shown, what command must next be used on the branch router prior to traffic being sent to the router router?

1163

Explain on which interface we always apply access-list?

1054