Results 1 to 5 of 5

Thread: Cisco ACL in/out question

Thread Tools
- Show Printable Version
Display
- Switch to Linear Mode
- Switch to Hybrid Mode
- Threaded Mode

Threaded View

July 27th, 2006, 04:00 PM #3
ammo

View Profile

View Forum Posts

Visit Homepage
Senior Member

Join Date

Sep 2001

Posts

1,027
Indeed, you usually try to drop traffic as close to the edge as possible.

However, one reason for filtering out on an interface could be if you have a router with multiple interfaces and wanted to secure (default deny) the zone behind one of those interfaces from all other interfaces. Then it's much easier to "deny ip any any" out on said interface than try to deny in based on destination on all other interfaces ...

Ammo

Credit travels up, blame travels down -- The Boss
Reply With Quote

Quick Navigation Newbie Security Questions Top

« Previous Thread | Next Thread »

Posting Permissions

You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
[VIDEO] code is On
HTML code is Off

Forum Rules

Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

Thread: Cisco ACL in/out question

Thread Tools

Display

Threaded View

Posting Permissions