Hot Downloads

Welcome, Guest
Username: Password: Remember me

TOPIC: Does ip access group command really needed ?

Does ip access group command really needed ? 3 years 9 months ago #38212

  • rizin
  • rizin's Avatar
  • Offline
  • Distinguished Member
  • Posts: 203
  • Karma: 0
Hi geeks,

I would like to know that do we really need ip access group command in all scenarios once we create the access list policy.

The reason i had raised this question is, i came across a access list policy video, on that the instructor created the extended access list policy in a router to prevent a host accessing web page, however he didn't apply the ip access group command on the interfaces and still the access list command working perfectly and the host unable to access the web page.

Note: the access list has been applied closest to the source.

Looking forward your replies and thanks in advance.

Regards,

Rizin
Known is a drop, unknown is an Ocean
Last Edit: 3 years 9 months ago by rizin. Reason: forget to add the command word in the subject
The administrator has disabled public write access.

Re: Does ip access group command really needed ? 3 years 9 months ago #38216

  • rizin
  • rizin's Avatar
  • Offline
  • Distinguished Member
  • Posts: 203
  • Karma: 0
I had got this answer.

There is some minute point i missed watching and hear it, the instructor of that video is really genius, before he went on creating other rules he informed us in earlier few seconds in that clip.

The scenario is Deny host accessing wan link and Specific webpage.

1) He stated clearly earlier that 1 ACL WILL BE APPLIED ON PER INTERFACE AND PER DIRECTION ONLY, so 1 ACL with two rules that he created must be applied on one interface.

2) Earlier he had already created one rule and applied on one interface, and he created another rule and left the interface undisturbed, since ip access-group command already been applied on that interface.
Known is a drop, unknown is an Ocean
The administrator has disabled public write access.
Time to create page: 0.071 seconds

CCENT/CCNA

Cisco Routers

  • SSL WebVPN
  • Securing Routers
  • Policy Based Routing
  • Router on-a-Stick

VPN Security

  • Understand DMVPN
  • GRE/IPSec Configuration
  • Site-to-Site IPSec VPN
  • IPSec Modes

Cisco Help

  • VPN Client Windows 8
  • VPN Client Windows 7
  • CCP Display Problem
  • Cisco Support App.

Windows 2012

  • New Features
  • Licensing
  • Hyper-V / VDI
  • Install Hyper-V

Linux

  • File Permissions
  • Webmin
  • Groups - Users
  • Samba Setup