Register now or log in to join your professional community.
I Agree with Khaled Omar, it depends on purpose you need, Standard ACLs should be implemented as close as possible to the destination, and Extended ACLs is close to the source to reduce traffic load.
Actually it depends on the type of ACL used, whether it is Standard or Extended.
If it is Standard, then you should configure the ACL close to the destination to prevent discarding packets that you don't want to be discarded.
If it is Extended, then you should configure the ACL close to the source to discard packets faster.
Access list should be applied closer to the source for OUT BOUND trafic and therefore inside interface note there is a implicit deny ip any any at the end of the ACL ,
However if you need to control IN BOUND traffic then it must be applied to the outside
both the case command applying on the interface would be ip access-group101 in