Presentation is loading. Please wait.

Presentation is loading. Please wait.

ACCESS CONTROL LIST Slides Prepared By Adeel Ahmed,

Published byCarsten Haupt Modified over 5 years ago

Similar presentations

Presentation on theme: "ACCESS CONTROL LIST Slides Prepared By Adeel Ahmed,"— Presentation transcript:

1 ACCESS CONTROL LIST Slides Prepared By Adeel Ahmed,
Updated By, Syed Ameen Quadri.

2 Access Control List It is a Layer 3 security which controls the flow of traffic from one router to another. It is also called as Packet Filtering Firewall.

3 1.0 should not communicate with 2.0 network
ACL - Network Diagram /8 S0 /8 S0 JIZ S1 /8 JED S1 /8 RYD E0 /24 E0 /24 E0 /24 1.1 1.2 1.3 2.1 2.2 2.3 3.1 3.2 3.3 LAN /24 LAN /24 LAN /24 1.0 should not communicate with 2.0 network

4 Types of Access-list Standard ACL Extended ACL Named ACL

5 Standard Access List The access-list number lies between 1 – 99 Can block a Network, Host and Subnet Two way communication is stopped All services are blocked. Implemented closest to the destination. (Guideline)

6 Extended Access List The access-list number lies between 100 – 199 Can block a Network, Host, Subnet and Service One way communication is stopped Selected services can be blocked. Implemented closest to the source. (Guideline)

7 Terminology Deny : Blocking a Network/Host/Subnet/Service Permit : Allowing a Network/Host/Subnet/Service Source Address : The address of the PC from where the request starts. Show Diagram Destination address : The address of the PC where the request ends. Inbound : Traffic coming into the interface Outbound : Traffic going out of the interface

8 Terminology Protocols : IP - TCP - UDP - ICMP Operators : eq (equal to) neq (not equal to) lt (less than) gt (greater than) Services : HTTP, FTP, TELNET, DNS, DHCP etc..

9 Wild Card Mask Tells the router which addressing bits must match in the address of the ACL statement. It’s the inverse of the subnet mask, hence is also called as Inverse mask. A bit value of 0 indicates MUST MATCH (Check Bits) A bit value of 1 indicates IGNORE (Ignore Bits) Wild Card Mask for a Host will be always

10 Wild Card Mask A wild card mask can be calculated using the formula : Global Subnet Mask – Customized Subnet Mask Wild Card Mask E.g.

11 1.0 should not communicate with 2.0 network
ACL - Network Diagram /8 S0 /8 S0 JIZ S1 /8 JED S1 /8 RYD E0 /24 E0 /24 E0 /24 1.1 1.2 1.3 2.1 2.2 2.3 3.1 3.2 3.3 LAN /24 LAN /24 LAN /24 1.0 should not communicate with 2.0 network

Download ppt "ACCESS CONTROL LIST Slides Prepared By Adeel Ahmed,"

Similar presentations

Access Control Lists. Types Standard Extended Standard ACLs Use only the packets source address for comparison 1-99.

Access Control Lists. Types Standard Extended Standard ACLs Use only the packets source address for comparison 1-99.
Access Control List (ACL)

Access Control List (ACL)
CCENT Study Guide Chapter 12 Security.

CCENT Study Guide Chapter 12 Security.
© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Access Control Lists John Mowry.

© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Access Control Lists John Mowry.
Chapter 9: Access Control Lists

Chapter 9: Access Control Lists
© 2006 Cisco Systems, Inc. All rights reserved. ICND v2.3—4-1 Managing IP Traffic with ACLs Introducing ACLs.

© 2006 Cisco Systems, Inc. All rights reserved. ICND v2.3—4-1 Managing IP Traffic with ACLs Introducing ACLs.
© 2007 Cisco Systems, Inc. All rights reserved.ICND2 v1.0—6-1 Access Control Lists Introducing ACL Operation.

© 2007 Cisco Systems, Inc. All rights reserved.ICND2 v1.0—6-1 Access Control Lists Introducing ACL Operation.
© 2006 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 Access Control Lists Accessing the WAN – Chapter 5.

© 2006 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 Access Control Lists Accessing the WAN – Chapter 5.
© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicITE I Chapter 6 1 Access Control Lists Accessing the WAN – Chapter 5.

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicITE I Chapter 6 1 Access Control Lists Accessing the WAN – Chapter 5.
WXES2106 Network Technology Semester 1 2004/2005 Chapter 10 Access Control Lists CCNA2: Module 11.

WXES2106 Network Technology Semester /2005 Chapter 10 Access Control Lists CCNA2: Module 11.
1 Access Lists. 2 Introduction ACL (access list)  a list of conditions that categorize packets. Rules:  Sequential order.  Until a match is made. 

1 Access Lists. 2 Introduction ACL (access list)  a list of conditions that categorize packets. Rules:  Sequential order.  Until a match is made. 
Standard, Extended and Named ACL.  In this lesson, you will learn: ◦ Purpose of ACLs  Its application to an enterprise network ◦ How ACLs are used to.

Standard, Extended and Named ACL.  In this lesson, you will learn: ◦ Purpose of ACLs  Its application to an enterprise network ◦ How ACLs are used to.
Access Lists 1 Network traffic flow and security influence the design and management of computer networks Access lists are permit or deny statements that.

Access Lists 1 Network traffic flow and security influence the design and management of computer networks Access lists are permit or deny statements that.
Access Lists Lists of conditions that control access.

Access Lists Lists of conditions that control access.
Year 2 - Chapter 6/Cisco 3 - Module 6 ACLs. Objectives  Define and describe the purpose and operation of ACLs  Explain the processes involved in testing.

Year 2 - Chapter 6/Cisco 3 - Module 6 ACLs. Objectives  Define and describe the purpose and operation of ACLs  Explain the processes involved in testing.
Implementing Standard and Extended Access Control List (ACL) in Cisco Routers.

Implementing Standard and Extended Access Control List (ACL) in Cisco Routers.
CCNA2 Routing Perrine modified by Brierley Page 18/6/2015 Module 11 Access Control 172.16.3.0172.16.4.0 Non-172.16.0.0 e0e1 s0 172.16.4.13 server.

CCNA2 Routing Perrine modified by Brierley Page 18/6/2015 Module 11 Access Control Non e0e1 s server.
1 Semester 2 Module 11 Access Control Lists (ACLs) Yuda college of business James Chen

1 Semester 2 Module 11 Access Control Lists (ACLs) Yuda college of business James Chen


Interior Gateway Routing Protocol (IGRP) is a distance vector interior routing protocol (IGP) invented by Cisco. It is used by routers to exchange routing.

Interior Gateway Routing Protocol (IGRP) is a distance vector interior routing protocol (IGP) invented by Cisco. It is used by routers to exchange routing.

Similar presentations

Ads by Google