An Access Control List (ACL) provides security for a computer network. It filters network traffic, deciding whether a specific user or service is blocked or allowed. When you apply an ACL to a router interface, the router either blocks or allows each packet. This is useful because you can block a specific user or network from accessing resources on a specific network or server. An ACL is applied to a router interface for either inbound or outbound traffic. Inbound traffic means packets entering a router interface; outbound traffic means packets leaving a router interface. It is best practice to apply an ACL to inbound traffic, because the router decides whether to deny or allow the packet before routing it, which saves router resources.
Access Control List
There are three types of Access Control List:
- Standard Access List.
- Extended Access List.
- Named Access List.
Standard Access List
A Standard Access List is simple. It filters IP packets based on the source IP address or source network address only. You cannot filter IP packets on the destination IP address, destination network address, source port number or destination port number. It can only allow or deny a source IP address or network.
Standard Access List Range.
| IP Standard Range | 1 – 99 |
| IP Standard Expanded Range | 1300 – 1999 |
Standard ACL Configuration Syntax
|Router(config)# access-list [ACL_number] [permit/deny] [source_IP_address]|
Apply ACL on Interface.
|Router(config-if)# ip access-group [ACL_number] [in/out]|
Note – Apply a Standard ACL on the router interface nearest to the destination network.
Extended Access List
An Extended Access List is more powerful than a Standard Access List. It can filter IP packets based on source IP address, destination IP address or network, source port number and destination port number. With this access list you can also allow or deny by protocol, such as TCP and UDP services (Telnet, HTTP, FTP) and ICMP. This makes it more flexible for the network administrator.
| IP Extended Range | 100 – 199 |
| IP Extended Expanded Range | 2000 – 2699 |
Extended ACL Configuration Syntax
|Router(config)# access-list [ACL_number] [permit/deny] [protocol] [source_address] [destination_address] eq [destination_port]|
Apply on Router Interface
|Router(config-if)# ip access-group [ACL_number] [in/out]|
Note – Apply an Extended ACL on the router interface nearest to the source network.
Named Access List
As we have seen, Standard and Extended Access Lists are identified by number, but a Named Access List is identified by a name instead of a number. A Named Access List can be either standard or extended. Router IOS version 11.2 and above supports Named Access Lists.
|Router(config)# ip access-list [standard/extended] [ACL_name]|
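The difference between standard and extended matching described above, as an added Python example (not part of the original article and not Cisco code): it parses numbered `access-list` lines and evaluates packets against them. The sample ACLs and all addresses are constructed; wildcard masks, top-down first-match evaluation and the implicit deny at the end of every ACL are standard IOS behaviour that the article does not cover.

```python
import ipaddress

# Constructed sample ACLs in IOS syntax; all addresses are made up for this example.
ACL_TEXT = """\
access-list 10 deny host 192.168.1.10
access-list 10 permit 192.168.1.0 0.0.0.255
access-list 110 deny tcp 192.168.1.0 0.0.0.255 host 10.0.0.5 eq 23
access-list 110 permit ip any any
"""
ANY = (0, 0xFFFFFFFF)  # (base, wildcard): wildcard bits set to 1 are ignored

def _addr(tok):
    """Consume 'any', 'host A' or 'A [WILDCARD]' from the token list."""
    t = tok.pop(0)
    if t == "any":
        return ANY
    if t == "host":
        return int(ipaddress.IPv4Address(tok.pop(0))), 0
    wild = int(ipaddress.IPv4Address(tok.pop(0))) if tok and "." in tok[0] else 0
    return int(ipaddress.IPv4Address(t)), wild

def parse(text):
    acls = {}  # {acl_number: [rule, ...]} in configured order
    for line in text.splitlines():
        tok = line.split()
        num, rest = int(tok[1]), tok[3:]
        extended = 100 <= num <= 199 or 2000 <= num <= 2699
        rule = {"action": tok[2], "proto": "ip", "dst": ANY, "port": None}
        if extended:
            rule["proto"] = rest.pop(0)
        rule["src"] = _addr(rest)  # the only field a standard ACL can match
        if extended:
            rule["dst"] = _addr(rest)
            if rest[:1] == ["eq"]:
                rule["port"] = int(rest[1])  # numeric ports only
        acls.setdefault(num, []).append(rule)
    return acls

def _match(ip, spec):
    base, wild = spec
    return (int(ipaddress.IPv4Address(ip)) | wild) == (base | wild)

def evaluate(rules, src, dst, proto, dport=None):
    """Top-down, first match wins; no match falls through to the implicit deny."""
    for r in rules:
        if (r["proto"] in ("ip", proto) and _match(src, r["src"])
                and _match(dst, r["dst"]) and r["port"] in (None, dport)):
            return r["action"]
    return "deny"
```

Evaluating the same Telnet packet from 192.168.1.20 against ACL 10 and ACL 110 shows the difference: the standard list permits it because only the source is checked, while the extended list denies it on destination and port.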