Access Control LIst

Eagle7107 · ‎11-12-2007

Im trying to learn ACLs on routers for a CCNA based course im taking in college. They didnt explain to me ACLs very well and i am totally lost to how the ip and wildcard masks configs work. Please any help or websites would be of great assistance.

owillins · ‎11-16-2007

Access Control Lists allow to filter based upon source and destination addressing and ports and are applied individually to each interface that allow for much more granular and secure control of connections.

for more detail

http://www.cisco.com/en/US/products/sw/secursw/ps1018/products_tech_note09186a00800a5b9a.shtml

bvsnarayana03 · ‎11-17-2007

Yes it takes a little time to understand acl's. Though the concepts may be understood from books, but practice on paper, simulator or devices definitely helps deeper understanding & boosts the confidence.

ACL's are used to permit or deny IP traffic to or from an interface. Traffic can be identified by either, Ip add,or port, or combination of both. The real catch lies in the inverse mask. The mask when converted to bits, results in 0's & 1's. Where 0's are exact match & 1's are dont care.

ACL's are of 2 types:

Standard : match only sorce Ip add

Extended : matches both src & dst add with ports

Refer the link provided in previous post for detailed study. In future u'll come across the use of acl's for PBR, Natting, distribution lists etc. Enjoy reading.