0

According to my textbook, it states that a Standard ACL should be placed on the router interface as close to the destination as possible.

I am not sure what that means unless each router gets their own ACL?

1 Answer

0

It means like this: let's assume you have a configuration like:

network1<-->router1<-->router2<-->router3<-->network2 .

If you want something to be denied from going into or getting out of network2, you put the ACL on router3 (which is closest to network2), not on router2 or 1 (which are further from your target compared to router3).

Standard ACLs examine the source address only. As a result, you must place them as close to the destination as possible to avoid blocking traffic bound for another interface/network.

Fares
Overmind
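The placement rule from the answer above, as an added example that is not part of the original post: a small simulation of a source-only (standard) ACL applied outbound at two different points on the path. The addresses, interface names and the extra network3 attached to router2 are constructed assumptions, added so there is a second destination to compare against.

```python
import ipaddress

# Constructed addressing for the answer's topology. network3 (off router2) is
# an added assumption, not something the original post mentions.
NET1 = ipaddress.ip_network("10.1.0.0/24")
NET2 = ipaddress.ip_network("10.2.0.0/24")
NET3 = ipaddress.ip_network("10.3.0.0/24")

# Ordered (router, egress interface) hops from network1 to each destination.
PATHS = {
    NET2: [("router1", "to-router2"), ("router2", "to-router3"),
           ("router3", "to-network2")],
    NET3: [("router1", "to-router2"), ("router2", "to-network3")],
}

# Standard ACL: entries match on source address only, first match wins,
# and anything unmatched falls through to the implicit deny.
STANDARD_ACL = [("deny", NET1), ("permit", ipaddress.ip_network("0.0.0.0/0"))]

def acl_permits(acl, src):
    for action, source_net in acl:
        if src in source_net:
            return action == "permit"
    return False  # implicit deny at the end of every ACL

def delivered(src, dst, placement):
    """True if a packet src -> dst survives the outbound ACL at `placement`."""
    src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    path = next(hops for net, hops in PATHS.items() if dst in net)
    for hop in path:
        # The ACL never looks at dst, so it drops the packet wherever it sits.
        if hop == placement and not acl_permits(STANDARD_ACL, src):
            return False
    return True

def reachability(placement, src="10.1.0.10"):
    """Which destinations a network1 host can still reach for this placement."""
    return {
        "network2": delivered(src, "10.2.0.20", placement),
        "network3": delivered(src, "10.3.0.30", placement),
    }

if __name__ == "__main__":
    for placement in [("router1", "to-router2"), ("router3", "to-network2")]:
        print(placement, reachability(placement))
```

With the ACL near the source (router1), the network1 host loses network3 as well as network2; with it on router3's interface facing network2, only network2 is blocked.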