What is a difference between ASA IPv4 ACLs and IOS IPv4 ACLs?

IT Questions BankCategory: CCNA SecurityWhat is a difference between ASA IPv4 ACLs and IOS IPv4 ACLs?

What is a difference between ASA IPv4 ACLs and IOS IPv4 ACLs?

  • ASA ACLs are always named, whereas IOS ACLs are always numbered.
  • Multiple ASA ACLs can be applied on an interface in the ingress direction, whereas only one IOS ACL can be applied.
  • ASA ACLs use the subnet mask in defining a network, whereas IOS ACLs use the wildcard mask.
  • ASA ACLs do not have an implicit deny any at the end, whereas IOS ACLs do.
  • ASA ACLs use forward and drop ACEs, whereas IOS ACLs use permit and deny ACEs.

Explanation: There are many similarities between ASA ACLs and IOS ACLs, including:
In both, there is an implicit deny any
Only one ACL per interface, per protocol, per direction still applies.
Both use deny and permit ACEs.
ACLs can be either named or numbered.
ASA ACLs differ from IOS ACLs in that they use a network mask (e.g., 255.255.255.0) instead of a wildcard mask (e.g. 0.0.0.255). Although most ASA ACLs are named, they can also be numbered.

Exam with this question: CCNA Security Chapter 9 Exam Answers
Exam with this question: Module 21: Quiz – ASA Firewall Configuration Network Security
Exam with this question: CCNA Security Pretest Exam Answers
Exam with this question: CCNA Security Final Exam (CCNAS v1.2)

Subscribe
Notify of
guest

0 Comments
Inline Feedbacks
View all comments