Dear Buddies,
The following situation is given as an example.
Router A
--------------------LAN A-------------------E0-[X]-S0------------------LAN B----------------------
If I need to block LAN A access to LAN B,
I can apply the access list to Router A's Ethernet E0 as in,
and if I apply to the E0 out the packet should come inside checked against the out criteria and dependently dropped.
I could apply the access list to Router A's Serial S0 as in, assuming the E0 accepted the packet and is forwarding to S0, so it would be an incoming packet for S0, would it work.
I could apply the access list to Router A's Serial S0 as out, assuming the SO accepted the packet and is applying the list before forwarding to the the LAN B.
I have not included another router just to simplify the matter.
Actually I am really confused
Some of the confused questions are as follows
How and where should the acceslist placed and applied to the in/out of the interfaces.
Is the in/out concept with respect to the link/and or interface. meaning to say if the access list is applied to an interface as in, the packets coming from outside will be tested. What about the packets coming in from the other internal interface of the router it will be treated as in or out, ( Think of a two-way door, opening both sides, which is in and which is out in respect to both sides)
Is the access list common for all the interfaces, like, Ethernet, Serial, Token, ISDN, Frame-Relay.
Can I apply a same access list to both in and out ports of an interface, What about different access list to the same interface.
Does the access list checks the criteria , on the internal interface of the same router, meaning if an Ethernet is passing to serial is the
I could only guess that access lists concepts in/out are w.r.t.x where x is the link/int or ??????.
If anybody could put more lights on this I would really be obliged,
Thanks in Advance.
Shaikh Raees Ahmed,
Microsoft Certified Systems Engineer,
CCNA , CCDA,
Systems & Network,
IT Division.
