access-list <#> permit/deny <protocol> <sourceAddress> <sourceMask> <destinationAdd> <destinationMask>
Say I applied an ACL inbound on Fa0/0, would the source address be outside the LAN?
So if I took the same ACL and applied it as outbound, would the source need to be changed to an IP inside the LAN?
I am a bit confused by the data flow I'm seeing in Packet Tracer simulation mode too. I set up an ACL for testing purposes, "access-list 199 permit ip 220.127.116.11 0.0.0.63 any", set as inbound, the idea being it permits any traffic from the .0 subnet.
When I watch the packet in the simulation, it makes it to the destination address, then is dropped by the router on its way back out to the sender. This makes no sense to me, as security-wise there are always going to be situations where you want traffic to be one-way, and this makes it look like it needs ACL permission to leave once it's inside.
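How a list like ACL 199 is evaluated, as an added example that is not part of the original post: wildcard-mask matching, first-match order, and the implicit deny that ends every Cisco ACL. The host addresses are constructed, and it is an assumption that the reply is checked against the same list; the helper names are hypothetical.

```python
import ipaddress

def matches(addr, base, wildcard):
    """Cisco wildcard semantics: a 1 bit in the wildcard means 'ignore this bit'."""
    a = int(ipaddress.IPv4Address(addr))
    b = int(ipaddress.IPv4Address(base))
    care = ~int(ipaddress.IPv4Address(wildcard)) & 0xFFFFFFFF
    return (a & care) == (b & care)

def take_spec(tokens):
    """Consume one address spec: 'any', or '<address> <wildcard>'."""
    if tokens[0] == "any":
        return ("0.0.0.0", "255.255.255.255"), tokens[1:]
    return (tokens[0], tokens[1]), tokens[2:]

def evaluate(acl_lines, src, dst):
    """Return the action of the first matching entry, else the implicit deny."""
    for line in acl_lines:
        tokens = line.split()          # access-list <#> <action> <protocol> ...
        action, rest = tokens[2], tokens[4:]
        src_spec, rest = take_spec(rest)
        dst_spec, rest = take_spec(rest)
        if matches(src, *src_spec) and matches(dst, *dst_spec):
            return action
    return "deny"                      # nothing matched: implicit 'deny ip any any'

# The ACL line quoted in the post.
ACL_199 = ["access-list 199 permit ip 220.127.116.11 0.0.0.63 any"]

# Constructed sample hosts (not from the post).
SENDER = "220.127.116.20"      # inside the range covered by wildcard 0.0.0.63
OUTSIDE_RANGE = "220.127.116.64"  # first address past that range
SERVER = "192.0.2.10"          # documentation-range destination

def demo():
    return {
        "request (sender -> server)": evaluate(ACL_199, SENDER, SERVER),
        "reply (server -> sender)": evaluate(ACL_199, SERVER, SENDER),
        "request from .64": evaluate(ACL_199, OUTSIDE_RANGE, SERVER),
    }

if __name__ == "__main__":
    for flow, verdict in demo().items():
        print(f"{flow}: {verdict}")
```

The list only ever looks at each packet's own source and destination, so a reply, whose source is the far-end host, matches the permit entry only if that host also falls in the permitted source range.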