ACL and Types


Access Control List (ACL)

Understanding ACLs
Classification – Routers also use ACLs to identify particular traffic.
Filtering – You can use an ACL as a filter to keep the rest of your network from accessing sensitive data on the finance subnet.

ACL Operation
ACLs operate in two ways:
– Inbound ACLs
– Outbound ACLs

Types of ACL
• Standard – Check the source address of packets that can be routed.
• Extended – Check both the source and destination.

Note: A standard ACL should be applied near the source and an extended ACL near the destination to avoid extra lookups and bandwidth consumption.

Access Number
1 – 99 or 1300 – 1999 is a Standard IP
100 – 199 or 2000 – 2699 is an Extended IP

ACL Keywords
Any – Used in place of
Host – Used in place of in the wild card mask

The difference in applying an ACL in or out is pretty easy. When you apply an ACL “in”, the router examines all traffic it RECEIVES on the interface against the ACL.

When you apply an ACL “out” on an interface the router examines any traffic attempting to leave that interface against the ACL.

Also, I take it that your firewall is connected to your interface FastEthernet0/1. And also that you are NATing the to (Overloaded) on this router?

I imagine you are using NAT or PAT on the firewall for traffic to access the internet. If you do not want your traffic to go to the internet, I suggest removing the NATing on the router.

In – when you are running traffic coming INTO the interface through an ACL.
Out – when you are running traffic leaving the interface through an ACL.
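
The number ranges, the `any` and `host` keywords and the in/out direction described above can be seen working together in a small model. This is an added example, not code from the original post: the subnets, the FastEthernet0/0 and Serial0/0 interfaces and the ACL entries are constructed, and the model assumes standard IOS first-match evaluation with an implicit deny at the end of each list, handling only the `ip` protocol keyword.

```python
import ipaddress

def acl_type(n):
    """Classify a numbered IP ACL by the ranges listed above."""
    if 1 <= n <= 99 or 1300 <= n <= 1999:
        return "standard"
    if 100 <= n <= 199 or 2000 <= n <= 2699:
        return "extended"
    raise ValueError(f"{n} is outside the standard/extended IP ranges")

def take_addr(tokens):
    word = tokens.pop(0)  # 'any', 'host A' or 'A WILDCARD'
    if word == "any":
        return 0, 0xFFFFFFFF  # wildcard of all ones: every bit is ignored
    if word == "host":
        return int(ipaddress.IPv4Address(tokens.pop(0))), 0  # all 32 bits must match
    return int(ipaddress.IPv4Address(word)), int(ipaddress.IPv4Address(tokens.pop(0)))

def parse(line):
    """Parse 'access-list N permit|deny [ip] SRC [DST]' into (number, action, src, dst)."""
    tokens = line.split()[1:]
    number, action = int(tokens.pop(0)), tokens.pop(0)
    if acl_type(number) == "standard":  # standard entries carry a source only
        return number, action, take_addr(tokens), take_addr(["any"])
    tokens.pop(0)  # protocol keyword; this model only handles 'ip'
    return number, action, take_addr(tokens), take_addr(tokens)

def matches(ip, rule):  # rule = (address, wildcard); wildcard 1-bits are ignored
    return (int(ipaddress.IPv4Address(ip)) ^ rule[0]) & ~rule[1] & 0xFFFFFFFF == 0

def evaluate(rules, number, src, dst):
    for num, action, rsrc, rdst in rules:  # first matching entry wins
        if num == number and matches(src, rsrc) and matches(dst, rdst):
            return action
    return "deny"  # implicit deny when no entry matched

def forward(rules, bindings, in_if, out_if, src, dst):
    """Check the 'in' ACL where the packet is received, then the 'out' ACL where it leaves."""
    for key in ((in_if, "in"), (out_if, "out")):
        if key in bindings and evaluate(rules, bindings[key], src, dst) == "deny":
            return f"dropped by ACL {bindings[key]} {key[1]} on {key[0]}"
    return "forwarded"

RULES = [parse(l) for l in (  # constructed: finance subnet 10.1.20.0/24 behind FastEthernet0/1
    "access-list 10 permit 10.1.10.0 0.0.0.255",
    "access-list 110 permit ip host 10.1.10.5 10.1.20.0 0.0.0.255",
    "access-list 110 deny ip any 10.1.20.0 0.0.0.255",
    "access-list 110 permit ip any any")]
BINDINGS = {("FastEthernet0/0", "in"): 110, ("FastEthernet0/1", "out"): 10}
```

Calling `forward(RULES, BINDINGS, "FastEthernet0/1", "FastEthernet0/0", "10.1.20.9", "10.1.10.6")` returns `forwarded`, because neither ACL is bound in that direction on those interfaces.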

Cisco ACL In and Out Questions