10 CCNA ICND2 - Configuring and Understanding ACL

This document discusses configuring and understanding access control lists (ACLs) in Cisco routers. It provides examples of configuring standard and extended ACLs to permit or deny traffic based on source IP addresses, destination addresses, and port numbers. It also gives scenarios of applying ACLs to block specific hosts from accessing other hosts or networks.

Uploaded by

a_abrar10

Available Formats

Download as PPT, PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

27 views

10 CCNA ICND2 - Configuring and Understanding ACL

Uploaded by

a_abrar10

Available Formats

Download as PPT, PDF, TXT or read online on Scribd

You are on page 1/ 16

International Horn University

CCNA (ICND V2)

Configuring and Understanding ACL

Ahmed Nurani
Access Control List???
Access Control Lists (ACLs) allow a router
to permit or deny packets based on a
variety of criteria
ACL is configured on Global Mode
ACL does not take effect before applying
to any interface
If a packet enters or exits an interface with
an ACL applied, the packet is compared
against the criteria of the ACL.
List is read from top to bottom
All un-matched ACL’s are dropped by a
default deny
With a standard ACL is only concerned
with one aspect and that’s the source IP
address of the packet.
For an extended ACL both the destination
and source of the packet is considered as
well as it’s port numbers.
Configuring standard ACL
- Denying a single host
Option 1
Config# access-list 1 deny 192.168.5.100

Option 2
Config# access-list 1 deny 192.168.5.100 0.0.0.0

Option 3
Config# access-list 1 deny host 192.168.5.100
Configuring standard ACL
- Permitting single host
Option 1 – Permitting a single host
Config# access-list 1 permit 192.168.5.100

Option 2 – permitting a single host

Config# access-list 1 permit host 192.168.5.100

- Permitting a subnet
Config# access-list 1 permit 192.168.5.100
0.0.255.255
Scenario 1 - Use a standard ACL to block
Host A from accessing Host B

- Router 3
Config# access-list 1 deny 192.168.10.50
Config# access-list permit any
Config# interface fastethernet 0/0
Config-IF# ip access-group 1 out
Scenario 2 - Use a standard ACL to prevent
Host A from Telnet-ting or SSHing R1

- Router 1
Config# access-list 70 deny 192.168.10.50
Config# access-list permit any
Config# line vty 0 4
Config-line# access-class 70 in
Scenario 3 - Use an extended ACL to
prevent Host A from accessing R2 WAN link

- Router 2

Config# access-list 150 deny ip host

192.168.10.50 192.168.2.0 0.0.0.255
Config# access-list 150 permit ip any any
Config# interface fa0/0.10
Config-in# ip access-group 150 in
Scenario 4 - Use an extended ACL to
prevent Host A from accessing the internet

Config# access-list 150 deny tcp host

192.168.10.50 host 192.168.5.80 eq 80
Config# access-list 150 deny ip host
192.168.10.50 192.168.2.0 0.0.0.255
Config# access-list 150 permit ip any any

05continuous Univariate Distributions, Vol. 1 PDF
0% (1)
05continuous Univariate Distributions, Vol. 1 PDF
769 pages
Fortinet FCP - FortiGate 7.4 Administrator Exam Preparation
From Everand
Fortinet FCP - FortiGate 7.4 Administrator Exam Preparation
Georgio Daccache
No ratings yet
Network Security All-in-one: ASA Firepower WSA Umbrella VPN ISE Layer 2 Security
From Everand
Network Security All-in-one: ASA Firepower WSA Umbrella VPN ISE Layer 2 Security
Redouane MEDDANE
No ratings yet
SCDL - Managerial Economics
100% (11)
SCDL - Managerial Economics
19 pages
A1 - Lab 3 - Access Control List in Packet Tracer
No ratings yet
A1 - Lab 3 - Access Control List in Packet Tracer
7 pages
Access Control List (ACL)
50% (2)
Access Control List (ACL)
37 pages
Access Control List: Topology Diagram
No ratings yet
Access Control List: Topology Diagram
6 pages
4.4.1.2 Packet Tracer - Configure IP ACLs To Mitigate Attacks
No ratings yet
4.4.1.2 Packet Tracer - Configure IP ACLs To Mitigate Attacks
12 pages
Clase 17. Packet Filtering
No ratings yet
Clase 17. Packet Filtering
70 pages
Computer System Engineering Department ENCS413 Network Lab Access List
No ratings yet
Computer System Engineering Department ENCS413 Network Lab Access List
13 pages
3-Access - List Ccna Security Ipv4 Ipv6
No ratings yet
3-Access - List Ccna Security Ipv4 Ipv6
101 pages
2 - Access Control Lists
No ratings yet
2 - Access Control Lists
54 pages
Sybex CCNA 640-802 Chapter 12
No ratings yet
Sybex CCNA 640-802 Chapter 12
30 pages
CCNA Security Part 4 Firewall
No ratings yet
CCNA Security Part 4 Firewall
83 pages
CCNA Presentation - ACL
No ratings yet
CCNA Presentation - ACL
58 pages
Lab 1 5 3 PDF
No ratings yet
Lab 1 5 3 PDF
4 pages
CCNA Lab M4 5.5.1
No ratings yet
CCNA Lab M4 5.5.1
6 pages
Lab9 ACL
No ratings yet
Lab9 ACL
6 pages
Experiment#7: Access Control List Basics and Extended Ping: Objective
No ratings yet
Experiment#7: Access Control List Basics and Extended Ping: Objective
4 pages
CCNA 2 Chapter 9 v5 0 Exam Answ
No ratings yet
CCNA 2 Chapter 9 v5 0 Exam Answ
6 pages
Exercices ACL
100% (1)
Exercices ACL
9 pages
Access Lists
No ratings yet
Access Lists
46 pages
Access Control List Command code
No ratings yet
Access Control List Command code
4 pages
Answer CCNA Discovery 3 Ver 4 0 Chapter 8 U Can Get 90 2%
100% (10)
Answer CCNA Discovery 3 Ver 4 0 Chapter 8 U Can Get 90 2%
9 pages
Lab Activity - Access List
No ratings yet
Lab Activity - Access List
6 pages
26.2.2 Packet Tracer - Configure Extended IPv4 ACLs - Scenario 2 - ILM
No ratings yet
26.2.2 Packet Tracer - Configure Extended IPv4 ACLs - Scenario 2 - ILM
4 pages
Lab 8 Packet Tracer Version
No ratings yet
Lab 8 Packet Tracer Version
6 pages
Lab 1.4.3 Introductory Lab 3 - Access Control List Basics and Extended Ping
No ratings yet
Lab 1.4.3 Introductory Lab 3 - Access Control List Basics and Extended Ping
5 pages
Lab 6-.Access Control List in Packet Tracer
No ratings yet
Lab 6-.Access Control List in Packet Tracer
6 pages
Ccna4 5.2.8.2 PDF
No ratings yet
Ccna4 5.2.8.2 PDF
6 pages
Topic5-Access Control Lists ACL
No ratings yet
Topic5-Access Control Lists ACL
43 pages
7
No ratings yet
7
15 pages
Practical 4
No ratings yet
Practical 4
12 pages
Extended Access Lists
No ratings yet
Extended Access Lists
3 pages
QuintoARonyZambrano5 4 13
No ratings yet
QuintoARonyZambrano5 4 13
4 pages
Lab Worksheet 7: Basic Access Control List
No ratings yet
Lab Worksheet 7: Basic Access Control List
5 pages
5.4.13 Packet Tracer - Configure Extended IPv4 ACLs - Scenario 2
No ratings yet
5.4.13 Packet Tracer - Configure Extended IPv4 ACLs - Scenario 2
4 pages
Access Lists
No ratings yet
Access Lists
6 pages
Lab 6: Firewalls - Static Packet Filtering: 2.2 Details
No ratings yet
Lab 6: Firewalls - Static Packet Filtering: 2.2 Details
25 pages
Access Control Lists (ACLs)
No ratings yet
Access Control Lists (ACLs)
67 pages
ACL Practice Lab 1
No ratings yet
ACL Practice Lab 1
8 pages
EWAN Lab 5 5 1
No ratings yet
EWAN Lab 5 5 1
10 pages
Lab 8.3.4 Planning, Configuring and Verifying Extended Acls
No ratings yet
Lab 8.3.4 Planning, Configuring and Verifying Extended Acls
5 pages
Lab#11 - Extended ACL CCN
No ratings yet
Lab#11 - Extended ACL CCN
6 pages
TP ACL Configuration
No ratings yet
TP ACL Configuration
2 pages
EXT ACLs
No ratings yet
EXT ACLs
15 pages
ICND210S06_ACL
No ratings yet
ICND210S06_ACL
43 pages
Sec 5
No ratings yet
Sec 5
54 pages
Chapter 10 - Access Control Lists
No ratings yet
Chapter 10 - Access Control Lists
45 pages
ACLs.pdf
No ratings yet
ACLs.pdf
16 pages
ACL2
No ratings yet
ACL2
88 pages
ACL Practice Lab 2
No ratings yet
ACL Practice Lab 2
7 pages
ACL_pricipios20
No ratings yet
ACL_pricipios20
7 pages
CCNA Exam Excellence: Study Guide & Practice Tests
From Everand
CCNA Exam Excellence: Study Guide & Practice Tests
SUJAN
No ratings yet
Advanced OSPF & BGP
From Everand
Advanced OSPF & BGP
Ashlan Chidester
No ratings yet
FortiGate 7.4 Admin Study Notes: 499 Study Notes for Accelerated Certification Success
From Everand
FortiGate 7.4 Admin Study Notes: 499 Study Notes for Accelerated Certification Success
Steve Brown
No ratings yet
CCNA Exam Focus: Study Guide with Practice Tests
From Everand
CCNA Exam Focus: Study Guide with Practice Tests
SUJAN
No ratings yet
CISCO PACKET TRACER LABS: Best practice of configuring or troubleshooting Network
From Everand
CISCO PACKET TRACER LABS: Best practice of configuring or troubleshooting Network
Mulayam Singh
No ratings yet
WAN TECHNOLOGY FRAME-RELAY: An Expert's Handbook of Navigating Frame Relay Networks
From Everand
WAN TECHNOLOGY FRAME-RELAY: An Expert's Handbook of Navigating Frame Relay Networks
Mamta Devi
No ratings yet
Fortinet FCP - FortiGate 7.6 Administrator Exam Preparation
From Everand
Fortinet FCP - FortiGate 7.6 Administrator Exam Preparation
Georgio Daccache
No ratings yet
CCNA Certification All-in-One For Dummies
From Everand
CCNA Certification All-in-One For Dummies
Silviu Angelescu
5/5 (1)
Basic Setup of FortiGate Firewall
From Everand
Basic Setup of FortiGate Firewall
Dr. Hidaia Mahmood Alassouli
No ratings yet
Compressor Wash System RB211
No ratings yet
Compressor Wash System RB211
15 pages
2 - Site Safety Report
100% (2)
2 - Site Safety Report
15 pages
LG L80 Dual - Schematic Diagarm PDF
0% (1)
LG L80 Dual - Schematic Diagarm PDF
97 pages
WEEK 4 Quiz in College Algebra
No ratings yet
WEEK 4 Quiz in College Algebra
3 pages
Final Take-Home Assignment: Bennett, Tony. "Text and Social Process: The Case of James Bond."
No ratings yet
Final Take-Home Assignment: Bennett, Tony. "Text and Social Process: The Case of James Bond."
11 pages
GR 12 Settlement Geography Part 1 Summaries
No ratings yet
GR 12 Settlement Geography Part 1 Summaries
6 pages
Qap For Jib Crane
No ratings yet
Qap For Jib Crane
2 pages
Unit 4 Discovering Plants and Animals
No ratings yet
Unit 4 Discovering Plants and Animals
13 pages
Guide of The Diagrams and Transfer Methodology - EN
No ratings yet
Guide of The Diagrams and Transfer Methodology - EN
2 pages
2020 - Transport and Logistics - Dinh Van Hiep
No ratings yet
2020 - Transport and Logistics - Dinh Van Hiep
18 pages
Switched Beam Antenna System Design: Mohamad Kamal Abdul Rahim, Mohd Nazif Mat Salleh, Osman Ayop, Thelaha Masri
No ratings yet
Switched Beam Antenna System Design: Mohamad Kamal Abdul Rahim, Mohd Nazif Mat Salleh, Osman Ayop, Thelaha Masri
4 pages
'Keep Your Distance' Aby Warburg On Myth and Modern Art
No ratings yet
'Keep Your Distance' Aby Warburg On Myth and Modern Art
16 pages
Deep Learning For Iot: Tausif Diwan, Jitendra V. Tembhurne, Tapan Kumar Jain, and Pooja Jain
No ratings yet
Deep Learning For Iot: Tausif Diwan, Jitendra V. Tembhurne, Tapan Kumar Jain, and Pooja Jain
17 pages
Wireless Discrete Time Receivers Massoud Tohidian - The ebook with all chapters is available with just one click
100% (1)
Wireless Discrete Time Receivers Massoud Tohidian - The ebook with all chapters is available with just one click
68 pages
Lecture 1 Introduction Construction Management
No ratings yet
Lecture 1 Introduction Construction Management
33 pages
Unit 7 Trignometry Assessment
No ratings yet
Unit 7 Trignometry Assessment
4 pages
Clearances and Creepage
No ratings yet
Clearances and Creepage
4 pages
Paper-1 - 1 - Plato and Aristotle
100% (1)
Paper-1 - 1 - Plato and Aristotle
17 pages
Artificial Intelligence in Healthcare Transforming the Future
No ratings yet
Artificial Intelligence in Healthcare Transforming the Future
8 pages
ICT Grade 2 Revison Note
No ratings yet
ICT Grade 2 Revison Note
6 pages
The Effective Length of Columns in Multi
No ratings yet
The Effective Length of Columns in Multi
12 pages
1.4 Exercises: Numericalnote
No ratings yet
1.4 Exercises: Numericalnote
3 pages
Handbook On Habitat Restoration (Full Book)
No ratings yet
Handbook On Habitat Restoration (Full Book)
340 pages
Reading and Writing Skills Activity Sheet.
No ratings yet
Reading and Writing Skills Activity Sheet.
6 pages
Philippine Coconut Authority Zamboanga Research Center: Non-Food Products Development Division
No ratings yet
Philippine Coconut Authority Zamboanga Research Center: Non-Food Products Development Division
4 pages
Adc001 01
No ratings yet
Adc001 01
9 pages
Guideline On Reuse of Existing Piles
100% (1)
Guideline On Reuse of Existing Piles
9 pages
THINK L4 Unit 6 Grammar
No ratings yet
THINK L4 Unit 6 Grammar
2 pages

10 CCNA ICND2 - Configuring and Understanding ACL

Uploaded by

10 CCNA ICND2 - Configuring and Understanding ACL

Uploaded by

International Horn University

CCNA (ICND V2)

** Configuring and Understanding ACL**

Option 2 – permitting a single host

Config# access-list 150 deny ip host

Config# access-list 150 deny tcp host

You might also like

Configuring and Understanding ACL