In Which Configuration Would An Outbound ACL Placement Be Preferred Over An Inbound ACL Placement?
An outbound ACL placement is preferred over an inbound ACL placement when the same filtering rules are used for the packets. ACL stands for access control list. Today, we learn the basic definition of an ACL, along with its syntax and a demonstration. An access control list is a tool used to identify traffic, and how we apply the access list determines what it does. Let us take an example: if we apply an access list to an interface, then any traffic identified by the access list is permitted through that interface. This is the most common application of an access list.
There are many other use cases for an access list. For example, if we apply an access list to a network address translation configuration, then whatever traffic is identified by the access list can be processed by NAT. If we apply an access list to a VPN configuration, then whatever traffic we identify with the access list is encrypted and sent through a particular tunnel. If we apply the access list to a router, then whatever the access list identifies is accepted by the routing process, and if we apply the access list to quality of service, it matches the traffic that is to be prioritized.
An access list can simply be defined as a tool on the router that is used to identify traffic. When we apply an access list to an interface, the access list is sometimes referred to as a packet filter. Any packets sent out by an inside host are matched against the access list to determine whether the router permits those packets or not.
Now, let us take an example to understand this concept in detail. Suppose host A sends a packet to each one of the servers in the topology. These packets have host A's IP address as their source IP address, because host A is sending them, and each has a destination IP address. The bottom packet has the destination IP address of the bottom server. In both cases, the source port is randomly selected by the client.
There are two types of access list: the standard access list and the extended access list. The main difference between the two is simply which fields in the packet are used to identify particular traffic. The standard access list matches only on the source IP address. It therefore has only two options, either allowing or denying access to a particular server. This is the limitation of the standard access list. That is why we use the extended access list, which allows us to filter on many fields such as source IP, destination IP, source port, destination port, and protocol.