how complicated are acls ?

From: Kal Han (calikali2006@gmail.com)
Date: Wed Dec 13 2006 - 01:50:08 ART

• Next message: Ankush Arora \(anarora\): "Cleared CCIE R&S Lab in Bangalore on my first attempt!!!"
• Previous message: Derek P: "Re: MAC ACL Vs Vlan access-map"
• Next in thread: Fosket, William: "RE: how complicated are acls ?"
• Maybe reply: Fosket, William: "RE: how complicated are acls ?"
• Maybe reply: sabrina pittarel: "Re: how complicated are acls ?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Hi
When configuring acl in the lab ( time constraint factor )
and if the question says allow telnet access to router that has
inbound access-lists configured on the interfaces -
given that the router has 2 physical interfaces and 2 loopbacks
Is it expected to write up all the possible acls.

*example*
permit tcp any router_int1_IP eq telnet
 permit tcp any router_int2_IP eq telnet
 permit tcp any router_loop1_IP eq telnet
 permit tcp any router_loop2_IP eq telnet

or

just a "permit any any eq telnet" will be OK to use.

please let me know.
It could be irritating to ask the proctor about this granular
stuff sometimes...
(i understand its more 'secure' to use the first one... but
in terms of what lab exam is testing... is it required ? )

Thanks
Kal

• Next message: Ankush Arora \(anarora\): "Cleared CCIE R&S Lab in Bangalore on my first attempt!!!"
• Previous message: Derek P: "Re: MAC ACL Vs Vlan access-map"
• Next in thread: Fosket, William: "RE: how complicated are acls ?"
• Maybe reply: Fosket, William: "RE: how complicated are acls ?"
• Maybe reply: sabrina pittarel: "Re: how complicated are acls ?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Tue Jan 02 2007 - 07:50:37 ART