Presentation is loading. Please wait.

Presentation is loading. Please wait.

Cisco Confidential 1 © 2010 Cisco and/or its affiliates. All rights reserved. Knowledge Nugget Become an ACL Wizard – Advanced ACL Editing Bogdan Doinea.

Published byAlvin Hindsley Modified over 9 years ago

Similar presentations

Presentation on theme: "Cisco Confidential 1 © 2010 Cisco and/or its affiliates. All rights reserved. Knowledge Nugget Become an ACL Wizard – Advanced ACL Editing Bogdan Doinea."— Presentation transcript:

1 Cisco Confidential 1 © 2010 Cisco and/or its affiliates. All rights reserved. Knowledge Nugget Become an ACL Wizard – Advanced ACL Editing Bogdan Doinea - bdoinea@cisco.com Assoc. Technical Manager CEE, Russia&CIS Cisco Networking Academy

2 © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 2 Basic types of ACLs The power of Named ACLs Tips and Tricks The trick to editing Numbered ACLs Technical DEMO

3 © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 3 Numbered ACLs Standard Use only layer 3 source addresses Extended Can filter using layer3/4 information and by source/destination addresses Limitations? When editing, we can only add statements to the end of the ACL access-list 10 permit 192.168.146.0 0.0.1.255 access-list 101 permit tcp host 10.1.1.2 host 172.16.1.1 eq telnet

4 © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 4 Named ACLs have sequence numbers for each entry All ACLs have an implicit, invisible deny statement at the end ONLY if they have at least one statement Recommendation: you should always manually write the deny ip any any rule in order to see if packets matched it ip access-list extended in_to_out permit tcp host 10.1.1.2 host 172.16.1.1 eq telnet log deny ip any any ip access-list extended in_to_out permit tcp host 10.1.1.2 host 172.16.1.1 eq telnet log deny ip any any

5 © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 5 Scenario Ups! Forgot to give IP 10.1.1.3 access through ssh too! Quick solution access-list 101 permit tcp host 10.1.1.2 host 172.16.1.1 eq telnet access-list 101 permit tcp host 10.1.1.2 host 172.16.1.1 eq ssh access-list 101 deny ip 10.1.1.0 0.0.0.255 host 172.16.1.1 access-list 101 permit tcp host 10.1.1.2 host 172.16.1.1 eq telnet access-list 101 permit tcp host 10.1.1.2 host 172.16.1.1 eq ssh access-list 101 deny ip 10.1.1.0 0.0.0.255 host 172.16.1.1 ip access-list extended 101

6 © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 6 Casting: THE ROUTER CCNA

7 © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 7 Instructor Professional Development One-stop-shop http://lms.netacad.net – for more Knowledge nuggets http://lms.netacad.net Learning through Gaming: Cisco Aspire Become an ACL Wizard! Passport 21 to Entrepreneurship Online communities http://community.netacad.net CCNA Topics dedicated to ACLs

8 © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 8 Basic types of ACLs The power of Named ACLs Tips and Tricks The trick to editing Numbered ACLs Technical DEMO

9 Thank you.

Download ppt "Cisco Confidential 1 © 2010 Cisco and/or its affiliates. All rights reserved. Knowledge Nugget Become an ACL Wizard – Advanced ACL Editing Bogdan Doinea."

Similar presentations

Access Control Lists. Types Standard Extended Standard ACLs Use only the packets source address for comparison 1-99.

Access Control Lists. Types Standard Extended Standard ACLs Use only the packets source address for comparison 1-99.
Configuring and Troubleshooting ACLs

Configuring and Troubleshooting ACLs
© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 9: Access Control Lists Routing & Switching.

© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 9: Access Control Lists Routing & Switching.
© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Access Control Lists John Mowry.

© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Access Control Lists John Mowry.
Chapter 9: Access Control Lists

Chapter 9: Access Control Lists
Basic IP Traffic Management with Access Lists

Basic IP Traffic Management with Access Lists
© 2006 Cisco Systems, Inc. All rights reserved. ICND v2.3—4-1 Managing IP Traffic with ACLs Configuring IP ACLs.

© 2006 Cisco Systems, Inc. All rights reserved. ICND v2.3—4-1 Managing IP Traffic with ACLs Configuring IP ACLs.
© 2006 Cisco Systems, Inc. All rights reserved. ICND v2.3—4-1 Managing IP Traffic with ACLs Introducing ACLs.

© 2006 Cisco Systems, Inc. All rights reserved. ICND v2.3—4-1 Managing IP Traffic with ACLs Introducing ACLs.
© 2007 Cisco Systems, Inc. All rights reserved.ICND2 v1.0—6-1 Access Control Lists Introducing ACL Operation.

© 2007 Cisco Systems, Inc. All rights reserved.ICND2 v1.0—6-1 Access Control Lists Introducing ACL Operation.
© 2012 Cisco and/or its affiliates. All rights reserved. 1 CCNA Security 1.1 Instructional Resource Chapter 4 – Implementing Firewall Technologies.

© 2012 Cisco and/or its affiliates. All rights reserved. 1 CCNA Security 1.1 Instructional Resource Chapter 4 – Implementing Firewall Technologies.
NESCOT CATC1 Access Control Lists CCNA 2 v3 – Module 11.

NESCOT CATC1 Access Control Lists CCNA 2 v3 – Module 11.
WXES2106 Network Technology Semester 1 2004/2005 Chapter 10 Access Control Lists CCNA2: Module 11.

WXES2106 Network Technology Semester /2005 Chapter 10 Access Control Lists CCNA2: Module 11.
1 Access Lists. 2 Introduction ACL (access list)  a list of conditions that categorize packets. Rules:  Sequential order.  Until a match is made. 

1 Access Lists. 2 Introduction ACL (access list)  a list of conditions that categorize packets. Rules:  Sequential order.  Until a match is made. 
Standard, Extended and Named ACL.  In this lesson, you will learn: ◦ Purpose of ACLs  Its application to an enterprise network ◦ How ACLs are used to.

Standard, Extended and Named ACL.  In this lesson, you will learn: ◦ Purpose of ACLs  Its application to an enterprise network ◦ How ACLs are used to.
CCNA 2 v3.1 Module 11.

CCNA 2 v3.1 Module 11.
1 © 2004 Cisco Systems, Inc. All rights reserved. CCNA 2 v3.1 Module 11 Access Control Lists (ACLs)

1 © 2004 Cisco Systems, Inc. All rights reserved. CCNA 2 v3.1 Module 11 Access Control Lists (ACLs)
Access Lists 1 Network traffic flow and security influence the design and management of computer networks Access lists are permit or deny statements that.

Access Lists 1 Network traffic flow and security influence the design and management of computer networks Access lists are permit or deny statements that.
Implementing Standard and Extended Access Control List (ACL) in Cisco Routers.

Implementing Standard and Extended Access Control List (ACL) in Cisco Routers.
Cisco Confidential 1 © 2010 Cisco and/or its affiliates. All rights reserved. CCNA ACLs Deepdive February, 2012 Jaskaran Kalsi Assoc. Technical Manager.

Cisco Confidential 1 © 2010 Cisco and/or its affiliates. All rights reserved. CCNA ACLs Deepdive February, 2012 Jaskaran Kalsi Assoc. Technical Manager.
Cisco Confidential 1 © 2010 Cisco and/or its affiliates. All rights reserved. Knowledge Nugget Migrating to IPv6 - Routing with RIPng- Bogdan Doinea -

Cisco Confidential 1 © 2010 Cisco and/or its affiliates. All rights reserved. Knowledge Nugget Migrating to IPv6 - Routing with RIPng- Bogdan Doinea -

Similar presentations

Ads by Google