1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

RV016 - Access Rules - Top Down or Bottom Up?

Discussion in 'Cisco Small Business Routers and VPN Solutions' started by cwpippin, Apr 28, 2007.

  1. cwpippin

    cwpippin LI Guru Member

    Are the access rules processed from the top down (by priority) or from the bottom up?

    And should all my deny rules be grouped together or should the denies be with the related allow rule(s)? Ya know the issue of port forwarding and 1to1 nat opening the world. I scoured the forums and found how to get granular (remove port forwarding/1to1 nat and make UPnP entries for my services and than a deny and allow entry in my Access Rules). Just curious if the denies can or should be lumped together or need to follow/precede (depending on how rules are processed) their related allow rule.

    In the Cisco world you try to place you most used ACL's at the top of your list.. So.. Just curious.

    Thank you to all who reply.:)
  2. Disman_ca

    Disman_ca Super Moderator Staff Member Member

    Top down, most restrictive should apply first.

Share This Page