© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public. ITE I Chapter 6: Access Control Lists


1 Access Control Lists

2 Objectives
• Explain how ACLs are used to secure a medium-size Enterprise branch office network.
• Configure standard ACLs in a medium-size Enterprise branch office network.
• Configure extended ACLs in a medium-size Enterprise branch office network.
• Describe complex ACLs in a medium-size Enterprise branch office network.
• Implement, verify and troubleshoot ACLs in an enterprise network environment.

3 What is the packet filter?

4 What is the packet filter?

5 What is an Access Control List (ACL)?

6 What is an Access Control List (ACL)?

7 What is an Access Control List (ACL)?
• Inbound ACL flow chart

8 What is an Access Control List (ACL)?

9 Types of the Access Control List (ACL)

10 Types of the Access Control List (ACL)
• Explain how Cisco ACLs can be identified using standardized numbering or names

11 Where to place an ACL?
• A standard ACL is placed as close to the destination as possible.
• An extended ACL is placed as close to the source as possible.

12 ACL best practice

13 Access Control List configuration
• First: from global configuration mode, write your ACL statements
• Second: apply the ACL under the interface in the appropriate direction

14 Configure Standard ACLs

15 Configure Standard ACLs

16 Wild Card Mask (WCM)

17 Wild Card Mask (WCM)

18 Configure Standard ACLs

19 Wild Card Mask (WCM)
• Write down an access-list to deny these hosts:
– Hosts 192.167.1.0/24 to 192.167.1.255/24
– All private networks

20 Configure Standard ACLs
• Explain the process for editing numbered ACLs

21 Configure Standard ACLs
• Explain how to create a named ACL

22 Configure Standard ACLs
• Describe how to monitor and verify ACLs

23 VTY ACL

24 Remarking ACL

25 Configure Standard named ACLs

26 Configure Extended ACLs

27 Extended ACL example

28 Configure Extended ACLs

29 Extended ACL example

30 Extended ACL example

31 Extended ACL example

32 Describe Complex ACLs
• List the three types of complex ACLs

33 Describe Complex ACLs in a Medium-Size Enterprise Branch Office Network
• Explain how and when to use dynamic ACLs

34 Describe Complex ACLs in a Medium-Size Enterprise Branch Office Network
• Explain how and when to use reflexive ACLs

35 Describe Complex ACLs in a Medium-Size Enterprise Branch Office Network
• Explain how and when to use time-based ACLs

36 Describe Complex ACLs in a Medium-Size Enterprise Branch Office Network
• Describe how to troubleshoot common ACL problems

37 Implement, Verify and Troubleshoot ACLs in an Enterprise Network Environment
• Create, place and verify a standard/extended ACL and verify its placement.
• Verify the ACL's functionality and troubleshoot as needed.

38 Summary
• An Access List (ACL) is: a series of permit and deny statements that are used to filter traffic
• Standard ACL
– Identified by numbers 1 - 99 and 1300 - 1999
– Filter traffic based on source IP address
• Extended ACL
– Identified by number 100 - 199 & 2000 - 2699
– Filter traffic based on:
   Source IP address
   Destination IP address
   Protocol
   Port number

39 Summary
• Named ACL
– Used with IOS 11.2 and above
– Can be used for either standard or extended ACL
• ACLs use Wildcard Masks (WCM)
– Described as the inverse of a subnet mask
   Reason:
   – 0 → check the bit
   – 1 → ignore the bit

40 Summary
• Implementing ACLs
– 1st create the ACL
– 2nd place the ACL on an interface
   Standard ACLs are placed nearest the destination
   Extended ACLs are placed nearest the source
• Use the following commands for verifying & troubleshooting an ACL
– Show access-list
– Show interfaces
– Show run
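
The wildcard-mask rule from the summary (0 = check the bit, 1 = ignore the bit) and top-down matching of a standard ACL on source address, as an added Python example that is not part of the original slides. The function names and the sample ACL are constructed for illustration; the final implicit deny is standard IOS behaviour that the slides do not state.

```python
import ipaddress

def to_int(addr: str) -> int:
    return int(ipaddress.IPv4Address(addr))

def wildcard_from_netmask(netmask: str) -> str:
    """Wildcard mask = bitwise inverse of the subnet mask."""
    return str(ipaddress.IPv4Address(to_int(netmask) ^ 0xFFFFFFFF))

def wcm_match(addr: str, base: str, wildcard: str) -> bool:
    """0 bit in the wildcard = check the bit, 1 bit = ignore the bit.
    The mask does not have to be contiguous."""
    care = to_int(wildcard) ^ 0xFFFFFFFF  # bits that must be equal
    return (to_int(addr) & care) == (to_int(base) & care)

def evaluate(acl, source: str) -> str:
    """Standard ACL: source address only, top-down, first match wins."""
    for action, base, wildcard in acl:
        if wcm_match(source, base, wildcard):
            return action
    return "deny"  # implicit deny closes every configured IOS ACL

# Constructed sample ACL (not from the slides): deny 192.167.1.0/24 and the
# RFC 1918 private ranges, permit everything else.
SAMPLE_ACL = [
    ("deny", "192.167.1.0", "0.0.0.255"),
    ("deny", "10.0.0.0", "0.255.255.255"),
    ("deny", "172.16.0.0", "0.15.255.255"),
    ("deny", "192.168.0.0", "0.0.255.255"),
    ("permit", "0.0.0.0", "255.255.255.255"),  # equivalent to "permit any"
]

if __name__ == "__main__":
    for src in ("192.167.1.77", "172.31.255.1", "172.32.0.1", "8.8.8.8"):
        print(src, evaluate(SAMPLE_ACL, src))
```

Because the first matching entry decides the outcome, moving the final permit entry to the top of the list would make every deny below it unreachable.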


