By Glenn McCallum

Cisco ACL in or out syntax

Inbound or outbound? Is outbound away from the router? A quick byte to get you sorted.

interface Vlan100
 description GMbytes_Vlan
 ip access-group test_inbound in
 ip address 192.168.100.1 255.255.255.0

Taking Vlan 100 from the example above: if you apply an ACL in the ‘in’ direction, the source must be within the 192.168.100.x subnet, while the destination can be anything.

If you apply an ACL in the ‘out’ direction, the source can be anything, while the destination can be ‘any’ or 192.168.100.x.

Example inbound ACL for vlan100

csr1000v-1#show access-lists test_inbound
Extended IP access list test_inbound
    10 permit ip 192.168.0.0 0.0.0.255 any
    20 permit ip any 10.10.0.0 0.0.0.255
csr1000v-1#

Example outbound ACL for vlan100

csr1000v-1#show ip access-lists test
Extended IP access list test_outbound
    10 permit ip 10.10.0.0 0.0.0.255 any
    20 permit ip 10.10.1.0 0.0.0.255 host 192.168.100.1
csr1000v-1#
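
The direction rule above can be checked mechanically. The following is an added example, not part of the original post: it parses the entries of the two ACLs shown on this page and lists the sequence numbers whose source (for 'in') or destination (for 'out') cannot overlap the Vlan100 subnet. The function names are made up for illustration, and it assumes only hosts in 192.168.100.0/24 sit behind the interface and that wildcard masks are contiguous.

```python
import ipaddress

ANY = ipaddress.ip_network("0.0.0.0/0")

def wildcard_net(addr, wildcard):
    """Convert a Cisco address + wildcard mask (contiguous only) to a network."""
    mask = int(ipaddress.IPv4Address(wildcard)) ^ 0xFFFFFFFF
    prefix = bin(mask).count("1")
    if mask != (0xFFFFFFFF << (32 - prefix)) & 0xFFFFFFFF:
        raise ValueError(f"non-contiguous wildcard: {wildcard}")
    return ipaddress.ip_network((int(ipaddress.IPv4Address(addr)) & mask, prefix))

def take_spec(tok, i):
    """Read 'any' | 'host A' | 'A W' starting at tok[i]; return (network, next index)."""
    if tok[i] == "any":
        return ANY, i + 1
    if tok[i] == "host":
        return ipaddress.ip_network(tok[i + 1] + "/32"), i + 2
    return wildcard_net(tok[i], tok[i + 1]), i + 2

def unmatched_entries(svi, direction, ace_lines):
    """Return sequence numbers of entries that the direction rule says cannot match."""
    subnet = ipaddress.ip_interface(svi).network
    dead = []
    for line in ace_lines:
        tok = line.split()            # seq, action, protocol, source..., destination...
        src, i = take_spec(tok, 3)
        dst, _ = take_spec(tok, i)
        checked = src if direction == "in" else dst   # 'in' tests source, 'out' tests destination
        if not checked.overlaps(subnet):
            dead.append(int(tok[0]))
    return dead

# Interface address and ACL entries copied from the output shown on this page.
VLAN100 = "192.168.100.1/255.255.255.0"
TEST_INBOUND = [
    "10 permit ip 192.168.0.0 0.0.0.255 any",
    "20 permit ip any 10.10.0.0 0.0.0.255",
]
TEST_OUTBOUND = [
    "10 permit ip 10.10.0.0 0.0.0.255 any",
    "20 permit ip 10.10.1.0 0.0.0.255 host 192.168.100.1",
]

if __name__ == "__main__":
    print("in :", unmatched_entries(VLAN100, "in", TEST_INBOUND))
    print("out:", unmatched_entries(VLAN100, "out", TEST_OUTBOUND))
```

An entry reported here is worth a second look before the ACL is applied, since under the rule above it would never be hit in that direction.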