Cisco Confidential 1 © 2010 Cisco and/or its affiliates. All rights reserved. CCNA ACLs Deepdive February, 2012 Jaskaran Kalsi Assoc. Technical Manager.

Presentation transcript:

CCNA ACLs Deepdive
February, 2012
Jaskaran Kalsi
Assoc. Technical Manager Europe/CEE/RCIS
Cisco Networking Academy

- CCNA & ACLs
- Packet Filtering & ACL Overview
- Standard ACL Configuration
- Extended ACL Configuration
- Demo & Summary

- Provide a brief review of ACLs.
- Demonstrate a brief example of how ACLs can be administered.
- Provide a brief description of the troubleshooting scenarios that are available.
- Focus on the use of Packet Tracer as a simulation tool and create an interactive session where the audience troubleshoots a pre-configured network.

- ACLs are an area that not only students struggle with but also instructors.
- ACLs are covered in both CCNA Discovery & Exploration.
- CCNA Exploration:
  - CCNA Exploration 4 - Chapter 5
    - ACL theory
    - ACL examples
    - Packet Tracer Activities

- Controls access to a network
  - Analyzes incoming and outgoing packets.
  - Either permits or denies them based on a predefined set of criteria.
- Routers act as packet filters
  - Make decisions based on source & destination IP addresses.
  - Source port, destination port, & protocols can also be determining factors.
- ACLs are sequential lists that include the following:
  - Permit statements.
  - Deny statements.
- They extract info from the packet header and test it against the permit/deny rules.

[Figure: Inbound ACLs; Outbound ACLs]

- Standard Access Control Lists
  - ACLs numbered 1-99 or
  - IPv4 & IPv6
  - Filter solely on Layer 3 source information
- Extended Access Control Lists

- Standard ACLs - placed as close to the destination as possible
- Extended ACLs - placed on routers as close as possible to the source that is being filtered.

Task: Block host from gaining access on While must be able to communicate with other networks. All other computers from the network of must be able to connect with the network of

    R2>enable
    R2#configure terminal
    R2(config)#access-list 1 deny host
    R2(config)#access-list 1 permit any
    R2(config)#interface FastEthernet 0/1
    R2(config-if)#ip access-group 1 out
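The sequential, first-match evaluation of a standard ACL such as ACL 1 above, modelled in Python as an added example (not part of the original presentation). The host address 192.0.2.10 is a constructed stand-in for the address missing from the slide, and the implicit final deny is standard IOS behaviour that the slides do not state.

```python
import ipaddress

FULL = 0xFFFFFFFF

def parse_entry(line):
    """Parse one standard ACL line into (action, address, wildcard)."""
    tok = line.split()
    if len(tok) < 4 or tok[0] != "access-list" or tok[2] not in ("permit", "deny"):
        raise ValueError(f"not a standard ACL entry: {line!r}")
    action, spec = tok[2], tok[3:]
    if spec == ["any"]:
        return action, 0, FULL                  # every bit is "don't care"
    if spec[0] == "host" and len(spec) == 2:
        spec = [spec[1], "0.0.0.0"]             # host: every bit must match
    if len(spec) != 2:
        raise ValueError(f"unsupported source in: {line!r}")
    addr, wildcard = (int(ipaddress.IPv4Address(s)) for s in spec)
    return action, addr, wildcard

def evaluate(acl_lines, source_ip):
    """Return 'permit' or 'deny' for a source address; first match wins."""
    src = int(ipaddress.IPv4Address(source_ip))
    for action, addr, wildcard in map(parse_entry, acl_lines):
        care = ~wildcard & FULL                 # wildcard 0-bits are compared
        if ((src ^ addr) & care) == 0:
            return action
    return "deny"                               # implicit deny ends every ACL

def shadowed(acl_lines):
    """Entries that can never match because an earlier entry covers them."""
    entries = [parse_entry(line) for line in acl_lines]
    dead = []
    for i, (_, addr_b, wc_b) in enumerate(entries):
        for _, addr_a, wc_a in entries[:i]:
            care_a = ~wc_a & FULL
            # A covers B if A compares only bits B fixes, and they agree there.
            if (care_a & wc_b) == 0 and ((addr_a ^ addr_b) & care_a) == 0:
                dead.append(acl_lines[i])
                break
    return dead

# Constructed sample: 192.0.2.10 stands in for the slide's missing host address.
ACL_AS_ON_SLIDE = ["access-list 1 deny host 192.0.2.10",
                   "access-list 1 permit any"]
ACL_REORDERED = list(reversed(ACL_AS_ON_SLIDE))

if __name__ == "__main__":
    for name, acl in (("slide order", ACL_AS_ON_SLIDE), ("reordered", ACL_REORDERED)):
        print(name, evaluate(acl, "192.0.2.10"), evaluate(acl, "192.0.2.11"), shadowed(acl))
```

Running `shadowed` over a configuration before deployment flags deny entries that an earlier, broader permit has made unreachable.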

- Usually range from and
- Extended ACLs check source & destination addresses, ports, & protocols.
- Hence they provide a greater range of control and enhance security.

- Reflexive ACLs
  - Dynamically allow reply packets
  - Work with TCP & UDP sessions initiated internally
  - Reduced exposure to spoofing and DoS attacks
- Dynamic ACLs
  - Also known as 'Lock-and-Key' ACLs
  - Were available only for IP traffic
  - Dependent on Telnet connectivity, authentication, & E-ACLs
- Time Based ACLs
  - Allow for access control based upon time of day, day of the week, or day of the month.

Which three statements should be considered when applying ACLs to a Cisco router? (Choose three)

a) Place generic ACL entries at the top of the ACL.
b) Place more specific ACL entries at the top of the ACL.
c) Router-generated packets pass through ACLs without filtering.
d) ACLs always search for the most specific entry before taking any filtering action.
e) An access list applied to any interface without a configured ACL allows all traffic to pass.

Thank you.