What is Access Control List (ACL) In Computer Networks

Access Control List is used to provide security to of Computer Network. Its used to filter network traffic whether specific user or service block or not. When you will apply ACL on your router interface, then router whether block packet or allow. Its useful feature in network that, you can block specific user or Network to access resources from specific network or server. ACL applied on Router interface, Its can be Inbound traffic or outbound traffic. Inbound traffic means, When packet interring an Router Interface. Outbound Traffic means, When Packet is leaving an Router Interface. Its best practice to apply ACL on inbound traffic, because before route packet its decide that deny or allow, So that its save Router resources.

Access Control List

 

Read Also

There are Three type of Access Control List

  1. Standard Access List.
  2. Extended Access List.
  3. Named Access List.

Access Control List

Standard Access List

Standard Access List is Simple. Its Filter IP Packet on based of Source IP address or Network Address. You can no filter IP packet on the destination IP address, Destination Network Address, Source Port number and Destination port number. It can be allow or deny source IP address or Network.

Standard Access List Range.

IP Standard Range1 – 99
IP Standard Expanded Range 1300 – 1999

Standard ACL Configuration Syntax

Router(config)# Access-list [ACL_number] [permit/deny] [Source IP Address].

Apply ACL on Interface.

Router(config-if)# IP access-list [ACL-number] [In/Out].

Note – You will have to apply Standard ACL on nearest Router Interface of Destination Network.

Extended Access List

Extended Access List is Strong Access List comparison to Standard Access List, Its can be Filter IP Packet based on Source IP Address, Destination IP Address or Network, Source Port number and Destination Port number. It this Access List you also allow or deny TCP and UDP Protocol, such as Telnet, HTTP, FTP, ICMP etc. Its a more flexible for user Network administrator.

IP Extended Range100 – 199
IP Extended Expanded Range2000 – 2699

Extended ACL Configuration Syntax

Router(config)#access-list [ACl_number] [permi/deny] [protoco] [Source_address] [Destination_address] eq [destination_protocol].

Apply on Router Interface

Router(config-if)#IP access-list [ACL-number] [In/Out].

Note – You will have to apply Extended ACL on nearest on Nearest Router Interface of Source Network.

Named Access List

As we know that Standard and Extended Access list define by the number access list, But Named Access List defined by Named instead of number. its can be both Standard and extended. Router IOS 11.2 version or above version support Named access list.

Syntax

Router(config)#IP access-list [Standard/Extended] [ACL_name].

Related Post

Share This onShare on FacebookTweet about this on TwitterShare on LinkedInShare on RedditShare on StumbleUponShare on Google+Pin on PinterestBuffer this pageShare on Tumblr
Rakesh Kumar
at
Rakesh Kumar is a Network engineer and a Blogger. He is crazy for learn and write about Technology , Tech and Computer Tips and Tricks Blog.

Leave a Reply