Hot Downloads

Welcome, Guest
Username: Password: Remember me

TOPIC: access-list

access-list 12 years 10 months ago #2543

  • indebluez
  • indebluez's Avatar
  • Offline
  • Distinguished Member
  • Posts: 114
  • Karma: 0
sorry for another post u guys...
but i jus wanna clear this up.....

QN (1)whats the difference between these 2 statements?
QN (2)whys the 1st statemt wrong?
(a)CISCO IOS allows only one access-list to be applied to an interface.

AND
(b)One access list may be configured per direction for each layer 3 protocol configured on an interface.

becoz when we write access-list....we say
access-list 110 deny ip source add n mask dest add n mask eq 23
access-list 110 permit ip any any
int e0
ip access-group 110 in
QN(3)so that makes it 2 statements but jus one access-list on an int?

will be a great help if u guys can explain! thx again
The administrator has disabled public write access.

Re: access-list 12 years 10 months ago #2545

  • sahirh
  • sahirh's Avatar
  • Offline
  • Honored Member
  • Posts: 1700
  • Karma: 0
Inde, you can configure one access list per direction.. meaning you can have an access-list for inbound traffic and an access-list for outbound traffic on the interface.

The first statement is not 'wrong' its just less correct than the second one.

Finally, you can have as many statements as you like in each access-list. These two statements both belong to access-list number 110 (extended IP access-list). You will only apply access-list 110 to an interface.. either inbound or outbound.
Sahir Hidayatullah.
Firewall.cx Staff - Associate Editor & Security Advisor
tftfotw.blogspot.com
The administrator has disabled public write access.

Re: access-list 12 years 10 months ago #2549

  • tfs
  • tfs's Avatar
  • Offline
  • Expert Member
  • Posts: 521
  • Karma: 0
And don't worry about how many questions you ask.

As they say, there are no stupid questions (well, maybe one). :lol:
Thanks,

Tom
The administrator has disabled public write access.

Re: access-list 12 years 10 months ago #2551

  • indebluez
  • indebluez's Avatar
  • Offline
  • Distinguished Member
  • Posts: 114
  • Karma: 0
hi guys...
IP is a connectionless protocol?

and RIP is capable of load sharing over multiple paths? how come?

thx!
The administrator has disabled public write access.

Re: access-list 12 years 10 months ago #2564

  • sahirh
  • sahirh's Avatar
  • Offline
  • Honored Member
  • Posts: 1700
  • Karma: 0
Lol you're like a CCNA trivia machine, this is really keeping me on my toes !

RIP can load share if it knows two routes to the same network. Uhm.. at least I think so :)

IP is connectionless.. TCP is connection oriented. IP is just the delivery boy.

Phew, ihatenetworkingtheory.com
Sahir Hidayatullah.
Firewall.cx Staff - Associate Editor & Security Advisor
tftfotw.blogspot.com
The administrator has disabled public write access.
Time to create page: 0.080 seconds

CCENT/CCNA

Cisco Routers

  • SSL WebVPN
  • Securing Routers
  • Policy Based Routing
  • Router on-a-Stick

VPN Security

  • Understand DMVPN
  • GRE/IPSec Configuration
  • Site-to-Site IPSec VPN
  • IPSec Modes

Cisco Help

  • VPN Client Windows 8
  • VPN Client Windows 7
  • CCP Display Problem
  • Cisco Support App.

Windows 2012

  • New Features
  • Licensing
  • Hyper-V / VDI
  • Install Hyper-V

Linux

  • File Permissions
  • Webmin
  • Groups - Users
  • Samba Setup