Security Basics mailing list archives

Cisco ACL doubt

From: 345345 () gmail com
Date: 3 Jul 2005 14:08:43 -0000

Hello people,

I have the following ACL attached to the external serial (ISP link) of my Cisco 805 Router. 

access-list 102 remark Egress Filtering ACL
access-list 102 permit ip host 100.100.20.34 any
access-list 102 permit ip host 100.100.14.102 any log-input
access-list 102 deny   ip any any log-input

And I keep getting lots of log messages from the router (just like the one here!)

2005-07-02 14:13:37     Local5.Info     192.168.0.254   12112: 012109: *Mar  1 17:38:03.975 GMT: %SEC-6-IPACCESSLOGP: 
list 102 denied tcp 200.227.70.210(0) (Serial0 DLCI 100) -> 100.100.20.53(0), 1 packet


As far as I can see, those messages tell that the router has blocked an incoming packet on Interface Serial 0. The Big 
question is: Why does the router reports this incoming packet related to ACL 102 if this ACL is attached to the Serial 
0 OUT???

interface Serial0
 ip access-group 102 out

Thanks in advance for any help.

Best regards,

Jasho Mendinka.

Ps.: in case one needs additional info, please contact me on my e-mail, or I can send more infos if is the common 
interest.

Current thread:

Cisco ACL doubt 345345 (Jul 05)
- Re: Cisco ACL doubt routerg (Jul 11)
- RE: Cisco ACL doubt David Gillett (Jul 12)
- <Possible follow-ups>
- RE: Cisco ACL doubt Jeffery Chen (Jul 06)
- Re: Cisco ACL doubt digitaltone (Jul 06)
- RE: Cisco ACL doubt Payton, Zack (Jul 13)
  - Re: Cisco ACL doubt routerg (Jul 18)