| As shown in the main figure,
for outbound standard IP access lists, after receiving and
routing a packet to a controlled interface, the router checks the
source address of the packet against the access list. If the access
list permits the address, the router transmits the packet. If the
access list denies the address, the router discards the packet and
returns an ICMP "Admin Denied" message.
When configuring outbound access
lists, order is important (just as it is with inbound access lists).
Make sure you list the entries in order from specific to general.
|
|