Access Lists Workbook - The Cisco Learning Network

More documents

Recommendations

Info

10 Choosing to Filter Incoming or Outgoing Packets Access Lists on your incoming port... ...requires less CPU processing. ...filters and denys packets before the router has to make a routing decision. Access Lists on your outgoing port... ...are outbound by default unless otherwise specified. ...increases the CPU processing time because the routing decision is made and the packet switched to the correct outgoing port before it is tested against the ACL. Breakdown of a Standard ACL Statement permit or deny access-list 1 permit 192.168.90.36 0.0.0.0 autonomous number 1 to 99 permit or deny wildcard mask source address access-list 78 deny host 192.168.90.36 log autonomous number 1 to 99 indicates a specific host address source address (Optional) generates a log entry on the router for each packet that matches this statement
Breakdown of an Extended ACL Statement autonomous number 100 to 199 access-list 125 permit ip 192.168.90.36 0.0.0.0 192.175.63.12 0.0.0.0 permit or deny autonomous number 100 to 199 source wildcard mask destination wildcard mask destination address access-list 178 deny tcp host 192.168.90.36 host 192.175.63.12 eq 23 log permit or deny protocol icp, icmp, tcp, udp, ip, etc. protocol icp, icmp, tcp, udp, ip, etc. source address indicates a specific host source address Protocols Include: IP IGMP IPINIP TCP GRE OSPF UDP IGRP NOS ICMP EIGRP Integer 0-255 To match any internet protocol use IP. indicates a specific host destination address port number (23 = telnet) operator eq for = gt for > lt for < neg for = (Optional) generates a log entry on the router for each packet that matches this statement 11
Page 1 and 2: Extended Standard CL Any 0.0.0.0 de
Page 3 and 4: What are Access Control Lists? ACLs
Page 5 and 6: Lisa’s Computer Standard Access L
Page 7 and 8: Standard Access List Placement 1. W
Page 9 and 10: Juan’s Computer Lisa’s Computer
Page 11: Extended Access List Placement 1. W
Page 15 and 16: Applying an extended Named Access L
Page 17 and 18: 3. Match a specific range Example 1
Page 19 and 20: Wildcard Mask Problems 1. Create a
Page 21 and 22: 11. access-list 110 permit ip 192.1
Page 23 and 24: Writing Standard Access Lists...
Page 25 and 26: Write a standard access list to blo
Page 27 and 28: Write a standard access list to per
Page 29 and 30: Using a minimum number of commands
Page 31 and 32: Write a standard access list to blo
Page 33 and 34: Write a standard named access list
Page 35 and 36: Writing Extended Access Lists...
Page 37 and 38: Extended Access List Sample #2 Deny
Page 39 and 40: Extended Access List Problem #2 Den
Page 51 and 52: Extended Access List Problem #10 De
Page 59 and 60: Extended Access List Sample #10 Den
Page 63 and 64:
Extended Access List Problem #18 De
Page 65 and 66:
Extended Access List Problem #20 De
Page 67 and 68:
Index / Table of Contents Access-Li
Page 69:
43 NICNAME (Who Is) 49 LOGIN (Login
show all

Access Lists Workbook - The Cisco Learning Network

Create successful ePaper yourself

Delete template?

Save as template?