Anda di halaman 1dari 10

CCNA 640-802

Access Control Lists


Standard & Extended

Make It Easiest.com ... Would you?

aiman.atta@gmail.com

Intro
What is ACL? Why use ACL?
Usage Types: Named & Numbered

Filtering using Standard ACL Configuration and Verification Editing and Troubleshooting Filtering using Extended ACL Configuration and Verification Editing and Troubleshooting ACL Guidelines & Errors

Make It Easiest.com ... Would you?

aiman.atta@gmail.com

What is ACL? Why use ACL?


What is ACL? Usage
Route Filtering Packet Filtering Classification
access-list 1 permit any access-list 1 deny 192.168.1.10

Types:
Named & Numbered Standard & Extended IP, IPv6, IPX

PC1

PC2 aiman.atta@gmail.com

Make It Easiest.com ... Would you?

Filtering using Standard ACL


Configuration
access-list 1 permit any access-list 1 deny 192.168.1.10

Wildcard: 32 bits of ones and zeros (non-consecutive)


0 = Must Match 1= Ignore
192.168.1.1 192.168.1.0 192.168.0.0 192.168.1.0 0.0.0.0 0.0.0.255 0.0.255.255 0.0.0.3

PC1

PC2 aiman.atta@gmail.com

Make It Easiest.com ... Would you?

ACL Editing & Troubleshooting


Verification
show ip access-list

Make It Easiest.com ... Would you?

aiman.atta@gmail.com

Filtering using Extended ACL


Configuration
access-list 101 deny tcp 192.168.1.10 0.0.0.0 192.168.2.10 0.0.0.0 eq 23 access-list 101 permit icmp host 192.168.1.10 host 192.168.2.10 access-list 101 permit ip any any

PC1

PC2 aiman.atta@gmail.com

Make It Easiest.com ... Would you?

Securing Virtual Lines


Configuring ACL to secure virtual lines
access-list 1 permit 192.168.10.0 0.0.0.255 line vty 0 15 access-class 1 in

Make It Easiest.com ... Would you?

aiman.atta@gmail.com

ACL Guidelines & Errors


Deny any at then end and matching logic (first match) Placement: Standard close to destination Extended close to source Syntax Direction: in or out Protocol: TCP, UDP or ICMP Source/Destination IP and Port Numbers

PC1

PC2 aiman.atta@gmail.com

Make It Easiest.com ... Would you?

Summary
What is ACL? Why use ACL?
Usage Types: Named & Numbered

Filtering using Standard ACL


Configuration and Verification Editing and Troubleshooting

Filtering using Extended ACL


Configuration and Verification Editing and Troubleshooting

ACL Guidelines & Common Errors

Make It Easiest.com ... Would you?

aiman.atta@gmail.com

Was it easy?
COULD you make THE WORLD easiest?

Please do @ Make

It Easiest.com

Make It Easiest.com ... Would you?

aiman.atta@gmail.com