- Posts: 1
- Thank you received: 0
Access Control List
16 years 8 months ago #25056
by Scooter
Access Control List was created by Scooter
I am studying for my ccna exam but I have difficulty understanding how to create them as well as configure them I have tried packet tracer but it wants me to configure named list I can't get the basic ones right. PLEASE HELP ANY ONE :
- skepticals
- Offline
- Elite Member
Less
More
- Posts: 783
- Thank you received: 0
16 years 8 months ago #25063
by skepticals
Replied by skepticals on topic Re: Access Control List
What is an example of how you are doing it wrong?
16 years 7 months ago #25107
by emperorz
Replied by emperorz on topic Re: Access Control List
When Creating ACL's you need to first know, what traffic you want to allow and what you want to block
A router handles access-lists based on the way you configure them
For example if you need to block ftp access, to a particular n/w ,
you need to first mention the deny statement and then a permit for the rest of the traffic to flow.
For the above example , if you first permit everything and then deny ftp , the router is going to allow all the traffic as it compares the packets to the first statement in the acl list.
Keep always in mind that there is an implicit deny at the end of the acl
Applying these acl's to an interface: Understand on how packets are flowing, in or out from that interface and bind the acl's to that interface accordingly.
example: If traffic is entering in to ethernet interface , and you need an acl on the traffic entering inside, bind the acl inside.
I hope this should help you.......
A router handles access-lists based on the way you configure them
For example if you need to block ftp access, to a particular n/w ,
you need to first mention the deny statement and then a permit for the rest of the traffic to flow.
For the above example , if you first permit everything and then deny ftp , the router is going to allow all the traffic as it compares the packets to the first statement in the acl list.
Keep always in mind that there is an implicit deny at the end of the acl
Applying these acl's to an interface: Understand on how packets are flowing, in or out from that interface and bind the acl's to that interface accordingly.
example: If traffic is entering in to ethernet interface , and you need an acl on the traffic entering inside, bind the acl inside.
I hope this should help you.......
16 years 7 months ago #25127
by anti-hack
Replied by anti-hack on topic Re: Access Control List
Quite well explained Skepticles. The main thingy behind these ACLS is the direction of the traffic that you want to apply it. One normally knows the type of traffic that has to be blocked or allowed, but direction and the interface to apply it on, that requires understanding the nature of the traffic and network.
16 years 7 months ago #25128
by anti-hack
Replied by anti-hack on topic Re: Access Control List
Oops !! sorry, the great reply was from emperorz.
- skepticals
- Offline
- Elite Member
Less
More
- Posts: 783
- Thank you received: 0
16 years 7 months ago #25161
by skepticals
Replied by skepticals on topic Re: Access Control List
Simple mistake, we look the same
Time to create page: 0.134 seconds