RE: ACL don't work on outbound locally sourced traffic?

From: Richard Dumoulin (Richard.Dumoulin@vanco.fr)
Date: Fri Mar 04 2005 - 14:16:02 GMT-3

• Next message: Anthony Sequeira: "Re: Outside the box .... Or outside the directions?"
• Previous message: Andrew Ballantyne \(aballant\): "ACL don't work on outbound locally sourced traffic?"
• Maybe in reply to: Andrew Ballantyne \(aballant\): "ACL don't work on outbound locally sourced traffic?"
• Next in thread: Andrew Ballantyne \(aballant\): "RE: ACL don't work on outbound locally sourced traffic?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This is correct. There is a trick though to make the traffic go through the
ACL.

-- Richard

-----Original Message-----
From: Andrew Ballantyne (aballant) [mailto:aballant@cisco.com]
Sent: Friday, March 04, 2005 6:08 PM
To: ccielab@groupstudy.com
Subject: ACL don't work on outbound locally sourced traffic?

Hi,

In this article it says that ACLs can't block outbound traffic
originating from a router. So for example you would not be able to deny
outbound ICMP packets, and the return packet would be stopped.

http://www.informit.com/articles/article.asp?p=174313&seqNum=4
 
The article also says:
 
"Another special note on Cisco ACLs is that ACLs never apply to
traffic generated by the router."

Is this correct, it differs from my understanding, and I thought my
experience??

Cheers,
Andrew

• Next message: Anthony Sequeira: "Re: Outside the box .... Or outside the directions?"
• Previous message: Andrew Ballantyne \(aballant\): "ACL don't work on outbound locally sourced traffic?"
• Maybe in reply to: Andrew Ballantyne \(aballant\): "ACL don't work on outbound locally sourced traffic?"
• Next in thread: Andrew Ballantyne \(aballant\): "RE: ACL don't work on outbound locally sourced traffic?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Sun Apr 03 2005 - 17:56:40 GMT-3