I'm preparing my ccna and i have a serious confusion about applying Access-List, especially on which interface and inbound/outbound rule
CCNA Access List Sim 2
The task is to create and apply a numbered access-list with no more than three statements that will allow ONLY host C web access to the Finance Web Server. No other hosts will have web access to the Finance Web Server. All other traffic is permitted.
Access to the router CLI can be gained by clicking on the appropriate host.
All passwords have been temporarily set to “cisco”.
The Core connection uses an IP address of 198.18.196.65
The computers in the Hosts LAN have been assigned addresses of 192.168.33.1 – 192.168.33.254
Host A 192.168.33.1
Host B 192.168.33.2
Host C 192.168.33.3
Host D 192.168.33.4
The servers in the Server LAN have been assigned addresses of 172.22.242.17 – 172.22.242.30
The Finance Web Server is assigned an IP address of 172.22.242.23.
The Public Web Server is assigned an IP address of 172.22.242.17
Corp1(config-if)#ip access-group 100 out
it says that i should apply it on interface fa0/1 and out
why is that?
i thought it was on f0/0 and in
or is it because it's extended access list and should be put nearest to source (the LAN side)
and why is it out?, not inbound, is it because that this ACL applied to the interface that face out (facing the out of the destination)?
Can someone kindly enough tell me the rule about where to apply and the in/out ?
I've read some articles and books and watch some videos (CBT Nuggets, Lammle) and tried to browse some explanation but still very confuse
thank you in advace