Home > Access-list Questions

Access-list Questions

March 16th, 2020 Go to comments

Note: If you are not sure about Access list, please read our Access List Tutorial.

Question 1


The “deny tcp any host eq 80” command means “block all (any) traffic from accessing web server at on port 80”. And since it is applied to VLAN 20 interface so only computers on VLAN 20 are affected.

In summary, just notice that here is the destination IP address, not source address.

Note: The traffic flow from hosts in VLAN 20 to the Web Server is: host in VLAN 20 -> Interface VLAN 20 -> Interface VLAN 30 -> Web Server. If we place the ACL: host in VLAN 20 -> (ACL Inbound) Interface VLAN 20 -> Interface VLAN 30 -> Web Server. Therefore the ACL can block traffic from VLAN 20.

Question 2

Comments (2) Comments
  1. Mohammed
    June 21st, 2020


  2. Anonymous
    June 29th, 2020

    very good

Add a Comment