ACLs Notes

Topics: IP address, Subnetwork, Internet Protocol Pages: 5 (822 words) Published: February 28, 2015


****************************************************************** Example No 1  Permit Network  172.16.0.0
****************************************************************** Example No 2  Deny a Specific Host  172.16.4.13
****************************************************************** Example No 3  Deny a Specific Subnet  172.16.4.0
******************************************************************

Solution of Example No 1
Step1Configuration of Standard Access List

We have to Permit Data of Network 172.16.0.0 to flow out from E0 and E1 Ethernet Interfaces of the router and enter into the both sides Network 172.16.4.0 and 172.16.3.0.

router>
router>enable
router#
router#config terminal
router(config)#

router(config)#[access-list] [Number] [permit/deny] [source IP] [Wildcard Mask]

router(config)#access-list 1 permit 172.6.0.0 0.0.255.255
router(config)#

router(config)#[access-list] [Number] [ permit] [ 0.0.0.0 255.255.255.255] or any

router(config)#
router(config)#access-list 1 permit 0.0.0.0 255.255.255.255
router(config)#

What is Implicit Deny All?

At the end of every Access List there is an Option of Implicit Deny which mean there is Condition of Deny for any Traffic coming from any Source. This is by default Feature of Cisco IOS. So we have to permit this Option Manually for all Sources so that Remaining Traffic would not deny.

Step2Apply the Standard Access List
We Know that Access List is Applied on the desired Interface of the router so we have of go Interface Config Mode of the Router Interface at which Access List is to be Applied. As we have to permit the traffic to move out from the router so we apply Access List at Interface Ethernet 0 in the OUT direction and also at Ethernet 1 in OUT direction. Apply on Ethernet Interface 0 in OUT direction

router(config)#
router(config)#interface Ethernet 0
router(config-if)#

router(config-if)#[IP access-group] [Number] [out/in]

router(config-if)#
router(config-if)#ip accesss-group 1 out
router(config-if)#

Apply on Ethernet Interface 1 in OUT direction

router(config)#
router(config)#interface Ethernet 1
router(config-if)#

router(config-if)#[IP access-group] [Number] [out/in]

router(config-if)#
router(config-if)#ip accesss-group 1 out
router(config-if)#

********************************************************
Solution of Example No 2

Step1Configuration of Standard Access List

We have to deny a Specific Host having IP Address 172.16.4.13 which present is in Network 172.16.4.0 after deny it will be no able to send its traffic to the Network 172.16.3.0

router>
router>enable
router#
router#config terminal
router(config)#
router(config)#access-list 1 deny 172.16.4.13 0.0.0.0
router(config)#
router(config)#access-list 1 permit 0.0.0.0 255.255.255.255 or any router(config)#

Step2Apply the Standard Access List

We have to block the traffic to flow out the Ethernet Interface 0 and enter in Network 172.16.3.0 so we apply access list on the Ethernet interface 0 in Out direction.

router(config)#
router(config)#interface Ethernet 0
router(config-if)#
router(config-if)#ip access-group 1 out

********************************************************
Solution of Example No 3

Step1Configuration of Standard Access List

We have to deny a the traffic of a specific subnet 172.16.4.0 to enter it from the network 172.16.3.0 which is running out side of the router E0 interface.

router>
router>enable
router#
router#config terminal
router(config)#
router(config)#access-list 1 deny 172.16.4.0 0.0.0.255
router(config)#
router(config)#access-list 1 permit 0.0.0.0 255.255.255.255
router(config)#

Step2Apply the Standard Access List

We have to block the traffic to flow out the Ethernet Interface 0 and enter in Network 172.16.3.0 so we apply access list on the Ethernet interface 0 in...
Continue Reading

Please join StudyMode to read the full document

You May Also Find These Documents Helpful

  • Journal on Note Taking Essay
  • Essay about Taking Notes in College
  • Note taking Essay
  • Quotation and Research Notes Essay
  • Research Memo on How to Write Thank You Notes Essay
  • Essay on Mass Notes
  • Note Taking Methods Essay
  • Course Project ; Notes to the Financial Statement Essay

Become a StudyMode Member

Sign Up - It's Free