Access Control List A B

1. The document discusses access control lists (ACLs), which are used to filter network traffic by permitting or denying certain sources or destinations. 2. It provides examples of ACL statements that allow or deny specific IP addresses and subnets using standard or extended ACLs. 3. Wildcard masking is also described, which allows specifying a range of IP addresses to match by using a mask to ignore certain bits of the address.

Uploaded by

Khaled Gamal

Available Formats

Download as DOC, PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

20 views

Access Control List A B

Uploaded by

Khaled Gamal

Available Formats

Download as DOC, PDF, TXT or read online on Scribd

You are on page 1/ 4

Access Control List

A B
S0/1
Fa0/0 S0/0

1. Position: interface of the router

2. condition:Permit/deny
3. direction: In /Out
---------------------------------------------------
4-Arrangement of the statement
172.16.20.1
Deny 172.16.20.1 only
A C B
Access-list 5 permit any Access-list 5 deny 172.16.20.1
Access-list 5 deny 172.16.20.1 Access-list 5 permit any
----------------------------------------------------------------------------------
Permit 172.16.20.1 only
A C B
Access-list 5 deny any Access-list 5 permit 172.16.20.1
Access-list 5 permit 172.16.20.1 Access-list 5 deny any
------------------------------------------------------------------------------------
5- Default of the Access Control List (ACL)
Deny
A C B
Access-list 5 deny any Access-list 5 permit 172.16.20.1
Access-list 5 permit 172.16.20.1

6- The ACL must contain at least one permit statement

Deny 172.16.20.1 only

Access-list 9 deny 172.16.20.1
Aceess-list 9 permit any
------------------------------------------------------------------------------------------------------
access-list access-list-number { permit | deny } { test conditions }

interface ????
{ protocol } access-group access-list-number {in | out}
---------------------------------------------------------------------------------------------------
Standard Access list Extended Access list

Permit or deny all TCP stack permit/deny specific application

1.99 100-199
------------------------------------------------------------------------------------------------
Test condition
Wild card Mask

Permit for IP subnets 172.30.16.16 to 172.30.16.31

Access-list 5 permit 172.30.16.16

Access-list 5 permit 172.30.16.17
Access-list 5 permit 172.30.16.18
Access-list 5 permit 172.30.16.19
….
….
Access-list 5 permit 172.30.16.31

============================================================
|<-------------------------------------------- match ---->|<----- don’t care ----->|
172.30.16 0 0 0 1 0 0 0 0 = 16
172.30.16 0 0 0 1 0 0 0 1 = 17
172.30.16 0 0 0 1 0 0 1 0 = 18
: :
172.30.16 0 0 0 1 1 1 1 1 = 31
-------------------------------------------------------------------------------------------------------
Mask: 0. 0 0 0 0 0 0 1 1 1 1
Wild card mask : 0.0.0.15
IP : 172.30.16.0

-------------------------------------------------------------------------------------------
Condition deny traffic from 192.168.5.64 to 192.168.5.191

Access-list 7 deny 192.168.5.64

192.168.5.01000000 64
192.168.5.01000100 68
192.168.5.01100000 96
192.168.5.01111111 191
--------------------------
0. 0 .0.00111111 = 0.0.0.31
Access-list deny 192.168.5.64 0.0.0.31
-------------------------------------------------------------------------------------------
Condition : deny traffic from 192.168.5.0 to 192.168.5.31
Access-list deny 192.168.5.0 0.0.0.31
0 . 0 .0.00111111
192.168.5.01000000
--------------------------------------------------------------
----------------------------------------
000000
192.168.5.01
111111
192.168.5.64 to
192.168.5.191
---------------------------------
Check for IP subnets 172.30.16.0/24 to 172.30.31.0/24

172.30.16.00000000
172.30.31.11111111
00010000 16
00010010 18
00010100 20
00011111 31
----------------
00001111 11111111
Access-list 45 deny 172.30.16.0
0.0.15.255

-------------------------------------------------
Condition deny traffic from
192.168.15.192 to 192.168.15.230
00011111
Access-list 46 deny 192.168.15.192 0.0.31.0
Access-list 46 deny 192.168.15.224 0.0.0.3
Access-list 46 deny 192.168.15.228 0.0.0.0
Access-list 46 deny 192.168.15.229 0.0.0.0
Access-list 46 deny 192.168.15.230 0.0.0.0

192.168.15.11000000
000000
192.168.15.110

111111
192.168.15.192 to 192.168.15.223
From 224 to 230

DT Range Volume Profile NT8 Handbook
100% (1)
DT Range Volume Profile NT8 Handbook
49 pages
Samsung Account Personal Data 20221213022525
No ratings yet
Samsung Account Personal Data 20221213022525
6 pages
7629-Questions and Answers Sem I
50% (2)
7629-Questions and Answers Sem I
14 pages
Choices For Using Wildcard Masks
No ratings yet
Choices For Using Wildcard Masks
6 pages
How Do Prefix List Work
No ratings yet
How Do Prefix List Work
18 pages
How to Sail Around the World: Advice and Ideas for Voyaging Under Sail
From Everand
How to Sail Around the World: Advice and Ideas for Voyaging Under Sail
Hal Roth
4.5/5 (9)
Cisco CCNA Command Guide: An Introductory Guide for CCNA & Computer Networking Beginners: Computer Networking, #3
From Everand
Cisco CCNA Command Guide: An Introductory Guide for CCNA & Computer Networking Beginners: Computer Networking, #3
Ramon Nastase
4.5/5 (2)
8624 Assignment 1
100% (1)
8624 Assignment 1
17 pages
DS HZM AUS SITEC Xtend ADG Advanced Digital Governor e
No ratings yet
DS HZM AUS SITEC Xtend ADG Advanced Digital Governor e
6 pages
Acl Examples With Odd - Even Half
No ratings yet
Acl Examples With Odd - Even Half
5 pages
Chapter 11 ACL Highlight Modi Oct 2013
No ratings yet
Chapter 11 ACL Highlight Modi Oct 2013
7 pages
Access Control List Wildcards (Inverse Mask)
No ratings yet
Access Control List Wildcards (Inverse Mask)
15 pages
ACL
No ratings yet
ACL
31 pages
IP Traffic Management With Access Lists
No ratings yet
IP Traffic Management With Access Lists
51 pages
Access List Tutorial
No ratings yet
Access List Tutorial
6 pages
Standard ACL Extended ACL: Internet
No ratings yet
Standard ACL Extended ACL: Internet
17 pages
Access Control Lists - : Access Control Lists (Acls) Can Be Used For Two Purposes On Cisco Devices
No ratings yet
Access Control Lists - : Access Control Lists (Acls) Can Be Used For Two Purposes On Cisco Devices
17 pages
Access List Tutorial
No ratings yet
Access List Tutorial
5 pages
Chapter 10 - Access Control Lists
No ratings yet
Chapter 10 - Access Control Lists
45 pages
CCNA 200-301 Official Cert Guide, Volume 2-29
No ratings yet
CCNA 200-301 Official Cert Guide, Volume 2-29
3 pages
UCCN1004 - Lect07 - ACL and Packet Filtering
No ratings yet
UCCN1004 - Lect07 - ACL and Packet Filtering
63 pages
Standard ACL: Internet
No ratings yet
Standard ACL: Internet
14 pages
Configuring IP Access Lists
No ratings yet
Configuring IP Access Lists
16 pages
Acl
No ratings yet
Acl
15 pages
07 CCNA (Access Control Lists)
No ratings yet
07 CCNA (Access Control Lists)
3 pages
Configuring IP Access Lists: Document ID: 23602
No ratings yet
Configuring IP Access Lists: Document ID: 23602
18 pages
Access Control Lists (Acls)
No ratings yet
Access Control Lists (Acls)
16 pages
ACL - access control list
No ratings yet
ACL - access control list
3 pages
Access List Tutorial
No ratings yet
Access List Tutorial
5 pages
CCNAv2 Chapter 02
No ratings yet
CCNAv2 Chapter 02
22 pages
CCNA Day 15
No ratings yet
CCNA Day 15
4 pages
Exercise 4 - Ques Standard Acl
No ratings yet
Exercise 4 - Ques Standard Acl
2 pages
More Access Control Lists: Eumed - Grnet
No ratings yet
More Access Control Lists: Eumed - Grnet
29 pages
Access Lists
No ratings yet
Access Lists
6 pages
Clase 17. Packet Filtering
No ratings yet
Clase 17. Packet Filtering
70 pages
ACL Config
No ratings yet
ACL Config
18 pages
Access Control Layer (ACL)
No ratings yet
Access Control Layer (ACL)
21 pages
Exercices ACL
100% (1)
Exercices ACL
9 pages
ACL (Access Control List)
No ratings yet
ACL (Access Control List)
5 pages
CCNAv2 Chapter 02
No ratings yet
CCNAv2 Chapter 02
22 pages
ACL (Access Control Lists) (English)
100% (1)
ACL (Access Control Lists) (English)
36 pages
Topic5-Access Control Lists ACL
No ratings yet
Topic5-Access Control Lists ACL
43 pages
CCNA 200-301 Official Cert Guide, Volume 2-27
No ratings yet
CCNA 200-301 Official Cert Guide, Volume 2-27
3 pages
Lab 90
No ratings yet
Lab 90
6 pages
CCNA4 (Chapter4)
No ratings yet
CCNA4 (Chapter4)
3 pages
W11-Presentation-Chapter 9 Access Control Lists
No ratings yet
W11-Presentation-Chapter 9 Access Control Lists
19 pages
Introducing ACL Operation: Access Control Lists
No ratings yet
Introducing ACL Operation: Access Control Lists
38 pages
1
No ratings yet
1
12 pages
3-Access - List Ccna Security Ipv4 Ipv6
No ratings yet
3-Access - List Ccna Security Ipv4 Ipv6
101 pages
Access Control List
No ratings yet
Access Control List
6 pages
Ccna 3 Discovery 4 0 Module 8 - 100 %
100% (7)
Ccna 3 Discovery 4 0 Module 8 - 100 %
11 pages
Route Manipulation
No ratings yet
Route Manipulation
3 pages
CCNA 4 (v5.0.3 + v6.0) Chapter 4 Exam Answers Full
No ratings yet
CCNA 4 (v5.0.3 + v6.0) Chapter 4 Exam Answers Full
16 pages
How Do Prefix List Work
No ratings yet
How Do Prefix List Work
18 pages
ICND210S06_ACL
No ratings yet
ICND210S06_ACL
43 pages
ACLs Standard Access List Jeremy Lab
No ratings yet
ACLs Standard Access List Jeremy Lab
13 pages
Day+34+Slides+ +Standard+ACLs
No ratings yet
Day+34+Slides+ +Standard+ACLs
30 pages
Lec 09,10 - Access Control Lists
No ratings yet
Lec 09,10 - Access Control Lists
21 pages
Access Control Lists: Rick Graziani Cabrillo College
No ratings yet
Access Control Lists: Rick Graziani Cabrillo College
87 pages
ISA Certified Automation Professional (CAP) Associate Study Notes: 500 Study Notes for Accelerated Certification Success
From Everand
ISA Certified Automation Professional (CAP) Associate Study Notes: 500 Study Notes for Accelerated Certification Success
Steve Brown
No ratings yet
IBM System 360 RPG Debugging Template and Keypunch Card
From Everand
IBM System 360 RPG Debugging Template and Keypunch Card
Archive Classics
No ratings yet
ISA Certified Automation Professional (CAP) Associate: Certification Exam Prep: 500 Practice Exam Questions and Explanations
From Everand
ISA Certified Automation Professional (CAP) Associate: Certification Exam Prep: 500 Practice Exam Questions and Explanations
Steve Brown
No ratings yet
Calculated Encryption
From Everand
Calculated Encryption
John C Livingstone
No ratings yet
Control of DC Motor Using Different Control Strategies
From Everand
Control of DC Motor Using Different Control Strategies
Dr. Hidaia Mahmood Alassouli
No ratings yet
SAP Transaction Codes – Volume One
From Everand
SAP Transaction Codes – Volume One
Stan Kubiyevski
5/5 (1)
Dokumen - Tips 3g Kpi Optimization Sheetnokia
No ratings yet
Dokumen - Tips 3g Kpi Optimization Sheetnokia
226 pages
2 TMO18042 UTRAN System Description
No ratings yet
2 TMO18042 UTRAN System Description
57 pages
Diffrence Between HSPA & HSPA+.docx Version 1
No ratings yet
Diffrence Between HSPA & HSPA+.docx Version 1
1 page
Optix RTN 600 Troubleshooting: Internal
No ratings yet
Optix RTN 600 Troubleshooting: Internal
42 pages
Types of Batteries: Power Operation Team
No ratings yet
Types of Batteries: Power Operation Team
16 pages
Rectifiers Basics V1.2020
No ratings yet
Rectifiers Basics V1.2020
69 pages
Orascom Trading Alex 1
No ratings yet
Orascom Trading Alex 1
73 pages
Bbu 3900 Instation Guide
No ratings yet
Bbu 3900 Instation Guide
53 pages
Cisco Certified Network Associate 640-802: Mohammedsn
No ratings yet
Cisco Certified Network Associate 640-802: Mohammedsn
37 pages
Tcp/ip: B. It Uses A Non-Reliable Transport Mechanism C. It Is Less Bandwidth-Intensive Than Connection Oriented Services
No ratings yet
Tcp/ip: B. It Uses A Non-Reliable Transport Mechanism C. It Is Less Bandwidth-Intensive Than Connection Oriented Services
5 pages
Advanced Mobile Comn. Course
No ratings yet
Advanced Mobile Comn. Course
8 pages
Drive Test Interview Questions
No ratings yet
Drive Test Interview Questions
14 pages
Ec83 MCQ 1
No ratings yet
Ec83 MCQ 1
58 pages
Andrew Safwat - Android Developer - Old
No ratings yet
Andrew Safwat - Android Developer - Old
2 pages
How To Create A Local Mirror of The Latest Update For Red Hat Enterprise Linux 5, 6, 7, 8 Without Using Satellite Server?
No ratings yet
How To Create A Local Mirror of The Latest Update For Red Hat Enterprise Linux 5, 6, 7, 8 Without Using Satellite Server?
28 pages
International Ship and Port Facility Security (ISPS) Code: CIRCULAR CAM 01/2013
No ratings yet
International Ship and Port Facility Security (ISPS) Code: CIRCULAR CAM 01/2013
8 pages
Id Key Sirius Act Id Doc en
No ratings yet
Id Key Sirius Act Id Doc en
50 pages
Klook Voucher
No ratings yet
Klook Voucher
3 pages
Drum - Brake Workshop - Manual 2023 BPW en 35192301e
No ratings yet
Drum - Brake Workshop - Manual 2023 BPW en 35192301e
138 pages
Hot Working Cold Working
100% (1)
Hot Working Cold Working
2 pages
Caja de Cambio Caracteristicas T318 PDF
100% (1)
Caja de Cambio Caracteristicas T318 PDF
2 pages
ETI Assignment with answers
No ratings yet
ETI Assignment with answers
10 pages
English Language Notes 5
No ratings yet
English Language Notes 5
2 pages
Google Play Supported Devices - Sheet 1
No ratings yet
Google Play Supported Devices - Sheet 1
206 pages
研究报告-简氏PW8000
No ratings yet
研究报告-简氏PW8000
11 pages
The Three Customer Service Megatrends in 2021 Post Pandemic Customer Service excellenceWhpGWagE5WGT12r9wSbZOBPQsLr50aiQrT21tMLm
No ratings yet
The Three Customer Service Megatrends in 2021 Post Pandemic Customer Service excellenceWhpGWagE5WGT12r9wSbZOBPQsLr50aiQrT21tMLm
15 pages
70-346.examcollection - Premium.exam.110q: Number: 70-346 Passing Score: 800 Time Limit: 120 Min File Version: 9.0
No ratings yet
70-346.examcollection - Premium.exam.110q: Number: 70-346 Passing Score: 800 Time Limit: 120 Min File Version: 9.0
56 pages
Preload Installer
No ratings yet
Preload Installer
1 page
Black Hat Hacker: Crackers or Malicious Hackers
No ratings yet
Black Hat Hacker: Crackers or Malicious Hackers
4 pages
Computer Programming
No ratings yet
Computer Programming
25 pages
Big Data Review
No ratings yet
Big Data Review
8 pages
Basic User'S Guide: MFC-J825DW MFC-J835DW
No ratings yet
Basic User'S Guide: MFC-J825DW MFC-J835DW
154 pages
Practical New
No ratings yet
Practical New
5 pages
Channel Capacity
No ratings yet
Channel Capacity
22 pages
PR Toolkit PDF
No ratings yet
PR Toolkit PDF
40 pages
The Effect of Leading-Edge Tubercle On A Tapered Swept-Back SD7032 Airfoil
No ratings yet
The Effect of Leading-Edge Tubercle On A Tapered Swept-Back SD7032 Airfoil
13 pages
Mesan Datacentre
No ratings yet
Mesan Datacentre
8 pages
11th IP Sample Paper
No ratings yet
11th IP Sample Paper
4 pages
MODULE 5-Rankine Cycle
No ratings yet
MODULE 5-Rankine Cycle
6 pages