Presentation transcript: Access Lists

1 Access Lists

2 Introduction
ACL (access list) -> a list of conditions that categorize packets.
Rules:
- Sequential order.
- Until a match is made.
- Implicit "deny" at the end of ACL.
Types of ACLs:
- Standard -> source IP address.
- Extended -> source and destination IP address, protocol and port.
Implementation on a single interface:
- Inbound
- Outbound

3 Guidelines
- One ACL per interface per protocol per direction.
- More specific tests are at the top.
- Any time a new entry is added, it will be placed at the bottom of the list.
- You cannot remove one line from an ACL.
- Every ACL should have at least one "permit" statement.
- Create ACLs and then apply them to an interface.
- ACLs are designed to filter traffic going through the router.
- Standard ACL -> close to the destination.
- Extended ACL -> close to the source.

4 Standard ACLs
    access-list list# {permit/deny} source IP address [wildcard mask] [log]
    uniti(config)#int e0
    uniti(config-if)#ip access-group 1 in
    uniti(config-if)#ip access-group 99 out
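
The first-match rule, the implicit deny and the "more specific tests are at the top" guideline from the slides above, worked through as an added example that is not part of the original presentation. It evaluates standard ACL entries in the slide's syntax and flags entries an earlier line makes unreachable; the function names, the sample entries and the addresses are constructed for illustration.

```python
import ipaddress

MASK32 = 0xFFFFFFFF

def parse_entry(line):
    """Parse 'access-list N {permit|deny} SOURCE [WILDCARD] [log]'."""
    tok = line.split()
    action, src = tok[2], tok[3]
    if src == "any":
        return action, 0, MASK32
    wild = tok[4] if len(tok) > 4 and tok[4] != "log" else "0.0.0.0"
    return action, int(ipaddress.IPv4Address(src)), int(ipaddress.IPv4Address(wild))

def evaluate(acl, source_ip):
    """Return (action, matching entry); entries are tested top-down."""
    ip = int(ipaddress.IPv4Address(source_ip))
    for line in acl:
        action, addr, wild = parse_entry(line)
        # Wildcard bits set to 1 are ignored; every other bit must be equal.
        if ((addr ^ ip) & ~wild & MASK32) == 0:
            return action, line
    return "deny", "implicit deny"

def shadowed(acl):
    """List entries that can never match because an earlier entry covers them."""
    parsed = [parse_entry(line) for line in acl]
    hidden = []
    for i, (_, addr, wild) in enumerate(parsed):
        for _, e_addr, e_wild in parsed[:i]:
            cares = ~e_wild & MASK32          # bits the earlier entry compares
            if (wild & cares) == 0 and ((addr ^ e_addr) & cares) == 0:
                hidden.append(acl[i])
                break
    return hidden

# Constructed sample ACLs (RFC 1918 addresses, not from the presentation).
BROAD_FIRST = [
    "access-list 1 permit 172.16.0.0 0.0.255.255",
    "access-list 1 deny 172.16.40.0 0.0.0.255",
]
SPECIFIC_FIRST = list(reversed(BROAD_FIRST))

if __name__ == "__main__":
    for name, acl in (("broad first", BROAD_FIRST), ("specific first", SPECIFIC_FIRST)):
        print(name, evaluate(acl, "172.16.40.7"), "unreachable:", shadowed(acl))
    print(evaluate(SPECIFIC_FIRST, "10.1.1.1"))
```

With the broad permit first, the deny for 172.16.40.0 never takes effect; with the specific deny first it does, and a source outside 172.16.0.0 falls through to the implicit deny.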

5 Extended ACLs
    access-list list# {permit/deny} [protocol] source IP wildcard mask [port] dest IP wildcard mask [port] [established] [log] [other option]
    uniti(config)#int e0
    uniti(config-if)#ip access-group 100 in
    uniti(config-if)#ip access-group 199 out

