jbroon
(Jason B)
1
Hello,
I have a question related to Ip - Access group inside and outside.
Why is it that when creating access-lists it will match if its on the outside and why not on the inside.
I am totally confused with both.
I do know that traffic is passing through , but how to know when to use inside or outside direction.
Because I can not find any tutorial explaining that.
Hi Jason,
Let’s say you have a router with 5 LAN interfaces and 1 WAN interface. You want to restrict traffic from LAN > WAN. There are two options:
- Put the same access-list inbound on all 5 LAN interfaces.
- Put the same access-list outbound on the single WAN interface.
Both will do the job, you can block packets but option two is probably a bit more convenient in this scenario.
Rene