Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Access Lists

Status
Not open for further replies.
ElijahBaley

ElijahBaley

IS-IT--Management
May 4, 2001
1,598
GB

Hi

There seems to be a bit of confusion with this in the Sybex book, so I just wondered if anyone can clear up once and for all:

1) Do you place Standard access lists nearest to the source or destination?

2) Do you place Extended access lists nearest to the source or destination?

Thanks for your help,

 
Sort by date Sort by votes
Hi Elija,

In the notes I have the Standard Access list should be nearest the destination and the Extended Access list should be nearest the source address
 
Upvote 0 Downvote
The Standard access lists should be nearest to destination and the Extended should be near to Source.

A Standard IP access list analyses the source address of the packet and matches it against the access list.

An Extended IP access list analyses the destination address of the packet and matches it against the access list.

A Standard IPX access list analyses the source AND DESTINATION address of the packet and matches it against the access list. CCNA
System/Network Administrator
 
Upvote 0 Downvote
access-list should be placed to the perfect location where the traffic should be filtered. If the situation requires that a traffic be filtered it should be evaluated as to where the exact interface of which router the filter would be placed.You can refer to the Cisco CCNA Study Guide by Wendell Odom and it is clearly explained in that book.
Sybex books indicates that extended access-list should be placed near the source, and standard access-list be placed at destination.
 
Upvote 0 Downvote
A friend once told me - a way to remember this is ESD - (electro static discharge) hehe, but hey...

E - extended ---> S - Source/ S- Standard ----> D - Destination

So for extended ACL should be closer to the Source
Standard ACL is closer to Destination..
 
Upvote 0 Downvote
What they mention in the books is just the guide lines.the access lists should be applied where u intend to filter the packets. Now theres again the direction of the filter too ie; inbound and outbound. So practically the theory in these books makes no sense.
But, If u're preparing for the CCNA exam, then the answer is
1)Extended towards the Source
2)Standard towards the Destination

Sybex Book Sucks....try not to prepare with it....you MAY Pass the exam but fundamentally you'll be a Jackass.

--Ganesh
TopGun Technologies
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

GTexx
  • Locked
  • Question
LAB 3640 Access Router Config.
Replies
3
Views
103
GTexx
GTexx
Kurfer
  • Locked
  • Helpful tip
Free Cisco Lab Access for CCNA/CCNP 1
Replies
7
Views
133
burtsbees
burtsbees
beaner2005
  • Locked
  • Question
Discretionary Access Control
Replies
16
Views
130
beaner2005
beaner2005
ravy2008
  • Locked
  • Question
Access Server 2511 Telnet Question
Replies
0
Views
40
ravy2008
ravy2008
GottaBeKiN
  • Locked
  • Question
3620 as an Access Server 3
Replies
11
Views
110
maczen
maczen

Part and Inventory Search

Sponsor

Back
Top