Presentation is loading. Please wait.

Presentation is loading. Please wait.

ACCESS CONTROL LIST.

Published byKelley Hunt Modified over 8 years ago

Similar presentations

Presentation on theme: "ACCESS CONTROL LIST."— Presentation transcript:

1 ACCESS CONTROL LIST

2 Access Control List It provides Layer 3 security which controls the flow of traffic from one network to another. Filters Packets (Packet Filtering Firewall)

3 Types of ACL ACL Numbered Name Standard Extended Standard Extended

4 192.168.1.0 should not communicate with 192.168.2.0 network
ACL - Network Diagram /8 S0 /8 S0 HYD CHE BAN S1 /8 S1 /8 E0 /24 E0 /24 E0 /24 1.2 1.3 1.4 2.2 2.3 2.4 3.2 3.3 3.4 LAN /24 LAN /24 LAN /24 should not communicate with network

5 Types of Access-list Standard ACL Extended ACL Named ACL

6 Standard Access List The access-list number range is 1 – 99 Can block a Network, Host and Subnet Two way communication is stopped All services are blocked. Implemented closest to the destination. (Guideline) Checks the source IP address.

7 Extended Access List The access-list number range is 100 – 199 Can block a Network, Host, Subnet and Service One way communication is stopped Selected services can be blocked. Checks source, destination IP address & port number. Implemented closest to the source. (Guideline).

8 Terminology Deny : Blocking a Network/Host/Subnet/Service Permit : Allowing a Network/Host/Subnet/Service Source Address : The address of the PC from where the request starts. Show Diagram Destination address : The address of the PC where the request ends. Inbound : Traffic coming into the interface Outbound : Traffic going out of the interface

9 Terminology Protocols : IP - TCP - UDP - ICMP Operators : eq (equal to) neq (not equal to) lt (less than) gt (greater than) Services : HTTP, FTP, TELNET, DNS, DHCP etc..

10 Wild Card Mask Tells the router which addressing bits must match in the address of the ACL statement. It’s the inverse of the subnet mask, hence is also called as Inverse mask. A bit value of 0 indicates MUST MATCH (Check Bits) A bit value of 1 indicates IGNORE (Ignore Bits) Wild Card Mask for a Host will be always

11 Wild Card Mask A wild card mask can be calculated using the formula : Global Subnet Mask – Customized Subnet Mask Wild Card Mask E.g.

12

13 192.168.1.0 should not communicate with 192.168.2.0 network
ACL - Network Diagram /8 S0 /8 S0 HYD CHE BAN S1 /8 S1 /8 E0 /24 E0 /24 E0 /24 1.1 1.2 1.3 2.1 2.2 2.3 3.1 3.2 3.3 LAN /24 LAN /24 LAN /24 should not communicate with network

Download ppt "ACCESS CONTROL LIST."

Similar presentations

Access Control Lists. Types Standard Extended Standard ACLs Use only the packets source address for comparison 1-99.

Access Control Lists. Types Standard Extended Standard ACLs Use only the packets source address for comparison 1-99.
Access Control List (ACL)

Access Control List (ACL)
© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 9: Access Control Lists Routing & Switching.

© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 9: Access Control Lists Routing & Switching.
© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Access Control Lists John Mowry.

© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Access Control Lists John Mowry.
Chapter 9: Access Control Lists

Chapter 9: Access Control Lists
Basic IP Traffic Management with Access Lists

Basic IP Traffic Management with Access Lists
© 2006 Cisco Systems, Inc. All rights reserved. ICND v2.3—4-1 Managing IP Traffic with ACLs Configuring IP ACLs.

© 2006 Cisco Systems, Inc. All rights reserved. ICND v2.3—4-1 Managing IP Traffic with ACLs Configuring IP ACLs.
© 2006 Cisco Systems, Inc. All rights reserved. ICND v2.3—4-1 Managing IP Traffic with ACLs Introducing ACLs.

© 2006 Cisco Systems, Inc. All rights reserved. ICND v2.3—4-1 Managing IP Traffic with ACLs Introducing ACLs.
© 2007 Cisco Systems, Inc. All rights reserved.ICND2 v1.0—6-1 Access Control Lists Introducing ACL Operation.

© 2007 Cisco Systems, Inc. All rights reserved.ICND2 v1.0—6-1 Access Control Lists Introducing ACL Operation.
© 2006 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 Access Control Lists Accessing the WAN – Chapter 5.

© 2006 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 Access Control Lists Accessing the WAN – Chapter 5.
© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicITE I Chapter 6 1 Access Control Lists Accessing the WAN – Chapter 5.

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicITE I Chapter 6 1 Access Control Lists Accessing the WAN – Chapter 5.
© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicITE I Chapter 6 1 Access Control Lists Accessing the WAN – Chapter 5.

© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicITE I Chapter 6 1 Access Control Lists Accessing the WAN – Chapter 5.
WXES2106 Network Technology Semester 1 2004/2005 Chapter 10 Access Control Lists CCNA2: Module 11.

WXES2106 Network Technology Semester /2005 Chapter 10 Access Control Lists CCNA2: Module 11.
1 Access Lists. 2 Introduction ACL (access list)  a list of conditions that categorize packets. Rules:  Sequential order.  Until a match is made. 

1 Access Lists. 2 Introduction ACL (access list)  a list of conditions that categorize packets. Rules:  Sequential order.  Until a match is made. 
Standard, Extended and Named ACL.  In this lesson, you will learn: ◦ Purpose of ACLs  Its application to an enterprise network ◦ How ACLs are used to.

Standard, Extended and Named ACL.  In this lesson, you will learn: ◦ Purpose of ACLs  Its application to an enterprise network ◦ How ACLs are used to.
Institute of Technology, Sligo Dept of Computing Access Control Lists Semester 3, Chapter 6.

Institute of Technology, Sligo Dept of Computing Access Control Lists Semester 3, Chapter 6.
CCNA 2 v3.1 Module 11.

CCNA 2 v3.1 Module 11.
Access Lists 1 Network traffic flow and security influence the design and management of computer networks Access lists are permit or deny statements that.

Access Lists 1 Network traffic flow and security influence the design and management of computer networks Access lists are permit or deny statements that.
Access Lists Lists of conditions that control access.

Access Lists Lists of conditions that control access.
Year 2 - Chapter 6/Cisco 3 - Module 6 ACLs. Objectives  Define and describe the purpose and operation of ACLs  Explain the processes involved in testing.

Year 2 - Chapter 6/Cisco 3 - Module 6 ACLs. Objectives  Define and describe the purpose and operation of ACLs  Explain the processes involved in testing.

Similar presentations

Ads by Google