ACL Help

hey guys,

I am a acl newbie. pretty good with cisco, but for some reason I have a hard time wrapping my head around acls. This is the scenario: I see an access list that denies a certain ip in access list 120, another access list, 130 permits this ip. When I see the config for the interface I see that 120 is applied to the inside and 130 is applied to the out side. Like so:

ip access-group 120 in
ip access-group 130 out

What reason would there be to deny traffic on the inside and then allow it on the outside?? I am confused by this.

Also, does anyone have any links to very simplied access list help. for some reason I have a hard time with the reverse subnet mask deal. i cannot seem to work it out in my brain. lol

TIA,

susetechie

Is this interface internet facing . If so then that ip is being denied entry into your network , while your users are allowed to go to this network based on the 130 Out statement.

www.cisco.com/en/US/tech/tk648/tk361/tec...186a0080100548.shtml