1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Access lists - Placement of Standard and Extended ACLs

Discussion in 'General Cisco Certifications' started by Brasco2007, Feb 1, 2007.

  1. Brasco2007

    Brasco2007 Bit Poster

    12
    0
    14
    Hi All,

    Regarding the placement of standard and extended access lists.

    For a standard access list as this only filters the source IP address this should be placed on the router near to the network/host that is to be denied.

    For an extended access list as this filters by protocol, source/destination IP address and port number this can be placed on the router close to where the extended access list is located.

    Have I got this right? Any tips appreciated.
     
    Certifications: CompTIA A+, Network+
    WIP: CCNA
  2. Headache

    Headache Gigabyte Poster

    1,092
    9
    85
    Absolutely. According to Richard Deal, standard ACLs should be placed as close to the destination devices as possible and extended ACLs should be placed as close to the source devices as possible.
     
    Certifications: CCNA
    WIP: CCNP
  3. Brasco2007

    Brasco2007 Bit Poster

    12
    0
    14
    Thanks for the reply.
     
    Certifications: CompTIA A+, Network+
    WIP: CCNA

Share This Page

Loading...