Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 Pertemuan 24 Access Control List Fundamentals. Discussion Topics Introduction ACLs How ACLs work Creating ACLs The function of a wildcard mask Verifying.

Published byQuentin Reynolds Modified over 9 years ago

Similar presentations

Presentation on theme: "1 Pertemuan 24 Access Control List Fundamentals. Discussion Topics Introduction ACLs How ACLs work Creating ACLs The function of a wildcard mask Verifying."— Presentation transcript:

1 1 Pertemuan 24 Access Control List Fundamentals

2 Discussion Topics Introduction ACLs How ACLs work Creating ACLs The function of a wildcard mask Verifying ACLs 2

3 What are ACLs? ACLs are lists of conditions used to test network traffic that tries to travel across a router interface. These lists tell the router what types of packets to accept or deny.

4 4 What are ACLs? Note: Much of the beginning of this module are concepts. These concepts will become much clearer once we begin configuring ACLs. An access list is a sequential series of commands or filters. These lists tell the router what types of packets to: –accept or –deny Acceptance and denial can be based on specified conditions. ACLs applied on the router's interfaces.

5 5 What are ACLs? The router examines each packet to determine whether to forward or drop it, based on the conditions specified in the ACL. Some ACL decision points are: –IP source address –IP destination addresses –UDP or TCP protocols –upper-layer (TCP/UDP) port numbers

6 6 What are ACLs? ACLs must be defined on a: –per-protocol (IP, IPX, AppleTalk) –per direction (in or out) –per port (interface) basis. ACLs control traffic in one direction at a time on an interface. A separate ACL would need to be created for each direction, one for inbound and one for outbound traffic. Finally every interface can have multiple protocols and directions defined.

7 7 How ACLs work An ACL is a group of statements that define whether packets are accepted or rejected coming into an interface or leaving an interface. ACL statements operate in sequential, logical order. If a condition match is true, the packet is permitted or denied and the rest of the ACL statements are not checked. If all the ACL statements are unmatched, an implicit "deny any" statement is placed at the end of the list by default. (not visible) When first learning how to create ACLs, it is a good idea to add the implicit deny at the end of ACLs to reinforce the dynamic presence of the command line..

8 Rick Graziani graziani@cabrillo.edu 8 How ACLs work Access list statements operate in sequential, logical order. They evaluate packets from the top down. Once there is an access list statement match, the packet skips the rest of the statements. –If a condition match is true, the packet is permitted or denied. There can be only one access list per protocol per interface. There is an implicit “deny any” at the end of every access list. ACLs do not block packets that originate within the router. (ie. pings, telnets, etc.)

9 Rick Graziani graziani@cabrillo.edu 9 Two types of ACLs Standard IP ACLs –Can only filter on source IP addresses Extended IP ACLs –Can filter on: Source IP address Destination IP address Protocol (TCP, UDP) Port Numbers (Telnet – 23, http – 80, etc.) and other parameters

10 Rick Graziani graziani@cabrillo.edu 10 Creating Standard ACLs – 2 Steps

11 Rick Graziani graziani@cabrillo.edu 11 Creating ACLs – 2 Steps (Standard IP)

12 Protocols with ACLs Specified by Numbers

13 The Function of a Wildcard Mask

14 Verifying ACLs There are many show commands that will verify the content and placement of ACLs on the router. –show ip interface –show access-lists –Show running-config

Download ppt "1 Pertemuan 24 Access Control List Fundamentals. Discussion Topics Introduction ACLs How ACLs work Creating ACLs The function of a wildcard mask Verifying."

Similar presentations

Access Control List (ACL)

Access Control List (ACL)
© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 9: Access Control Lists Routing & Switching.

© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 9: Access Control Lists Routing & Switching.
Chapter 9: Access Control Lists

Chapter 9: Access Control Lists
Basic IP Traffic Management with Access Lists

Basic IP Traffic Management with Access Lists
© 2006 Cisco Systems, Inc. All rights reserved. ICND v2.3—4-1 Managing IP Traffic with ACLs Introducing ACLs.

© 2006 Cisco Systems, Inc. All rights reserved. ICND v2.3—4-1 Managing IP Traffic with ACLs Introducing ACLs.
© 2007 Cisco Systems, Inc. All rights reserved.ICND2 v1.0—6-1 Access Control Lists Introducing ACL Operation.

© 2007 Cisco Systems, Inc. All rights reserved.ICND2 v1.0—6-1 Access Control Lists Introducing ACL Operation.
© 2006 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 Access Control Lists Accessing the WAN – Chapter 5.

© 2006 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 Access Control Lists Accessing the WAN – Chapter 5.
© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicITE I Chapter 6 1 Access Control Lists Accessing the WAN – Chapter 5.

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicITE I Chapter 6 1 Access Control Lists Accessing the WAN – Chapter 5.
© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicITE I Chapter 6 1 Access Control Lists Accessing the WAN – Chapter 5.

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicITE I Chapter 6 1 Access Control Lists Accessing the WAN – Chapter 5.
NESCOT CATC1 Access Control Lists CCNA 2 v3 – Module 11.

NESCOT CATC1 Access Control Lists CCNA 2 v3 – Module 11.
WXES2106 Network Technology Semester 1 2004/2005 Chapter 10 Access Control Lists CCNA2: Module 11.

WXES2106 Network Technology Semester /2005 Chapter 10 Access Control Lists CCNA2: Module 11.
1 Access Lists. 2 Introduction ACL (access list)  a list of conditions that categorize packets. Rules:  Sequential order.  Until a match is made. 

1 Access Lists. 2 Introduction ACL (access list)  a list of conditions that categorize packets. Rules:  Sequential order.  Until a match is made. 
Standard, Extended and Named ACL.  In this lesson, you will learn: ◦ Purpose of ACLs  Its application to an enterprise network ◦ How ACLs are used to.

Standard, Extended and Named ACL.  In this lesson, you will learn: ◦ Purpose of ACLs  Its application to an enterprise network ◦ How ACLs are used to.
CCNA 2 v3.1 Module 11.

CCNA 2 v3.1 Module 11.
1 © 2004 Cisco Systems, Inc. All rights reserved. CCNA 2 v3.1 Module 11 Access Control Lists (ACLs)

1 © 2004 Cisco Systems, Inc. All rights reserved. CCNA 2 v3.1 Module 11 Access Control Lists (ACLs)
Access Lists 1 Network traffic flow and security influence the design and management of computer networks Access lists are permit or deny statements that.

Access Lists 1 Network traffic flow and security influence the design and management of computer networks Access lists are permit or deny statements that.
Access Lists Lists of conditions that control access.

Access Lists Lists of conditions that control access.
Year 2 - Chapter 6/Cisco 3 - Module 6 ACLs. Objectives  Define and describe the purpose and operation of ACLs  Explain the processes involved in testing.

Year 2 - Chapter 6/Cisco 3 - Module 6 ACLs. Objectives  Define and describe the purpose and operation of ACLs  Explain the processes involved in testing.
Implementing Standard and Extended Access Control List (ACL) in Cisco Routers.

Implementing Standard and Extended Access Control List (ACL) in Cisco Routers.
CCNA2 Routing Perrine modified by Brierley Page 18/6/2015 Module 11 Access Control 172.16.3.0172.16.4.0 Non-172.16.0.0 e0e1 s0 172.16.4.13 server.

CCNA2 Routing Perrine modified by Brierley Page 18/6/2015 Module 11 Access Control Non e0e1 s server.

Similar presentations

Ads by Google