From: Guyler, Rik (rguyler@shp-dayton.org)
Date: Tue May 31 2005 - 14:48:32 GMT-3
You will probably be given strict guidelines on how the ACL should be
configured so really you should know every way possible to create it. Know
your binary cold. ;-)
Rik
-----Original Message-----
From: sumit.kumar@comcast.net [mailto:sumit.kumar@comcast.net]
Sent: Tuesday, May 31, 2005 1:29 PM
To: ccielab@groupstudy.com
Subject: ACL- Direction
What is the "lab recommended" way of defining ACLs, for example requirment
is to classify http traffic from network A. What is recommended using 1or
both 1 and 2
1. access-list 121 permit tcp <net A> any any eq www
2.access-list 121 permit tcp <net A> eq www any
Also on the same note if the classification has to be dome from a Router do
we need a statment from all of the router's interfaces or just the connected
interface example R1 and R2 are connected via p2p frame. On R2 match all the
traffic coming from R1. Is 1 enough or we need all 1,2 and 3..?
1. access-list 101 permit host <R1 frame int add> any
2. access-list 101 permit host <R1 loopback add> any 3. access-list 101
permit host <R1 f0/0 add> any
thanks
Sumit
This archive was generated by hypermail 2.1.4 : Fri Jun 03 2005 - 10:12:04 GMT-3