ACL applied the wrong way on an Interface, what will happen

I have DMZ, INSIDE, OUTSIDE interfaces on my cisco PIX firewall

DMZAL access list  applied on DMZ interface in
INSIDEAL access list applied on inside interface in


1- "access-list dmzAL extended permit ip interface DMZ interface inside"    
2- "access-list dmzAL extended permit ip interface inside interface DMZ"

3- "access-list insideAL extended permit ip interface inside interface DMZ"
4- "access-list insideAL extended permit ip interface DMZ interface inside"

If I am not mistaken 2 and 4 have no impact since for "2" the source in inside and dest is DMZ which is not the way the access list DMZAL is applied (dmz is source)
and same applied with insideAL..

Am I mistaken or will there be some other access granted?

Junior-AuditorAsked:
Who is Participating?
 
alienXenoCommented:
In this scenario, traffic won't hit acl 2- and 4- , so there wont be any other access granted
0
 
Pete LongTechnical ConsultantCommented:
Its difficult to answer, as I cant see the matching access-group statements?

Typically this is how I set mine up....

ASA 5500 Adding a DMZ Step By Step

Pete
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.