1 Access Lists
2 Introduction
ACL (access list): a list of conditions that categorize packets.
Rules:
- Entries are tested in sequential order.
- Testing continues until a match is made.
- There is an implicit "deny" at the end of the ACL.
Types of ACLs:
- Standard: source IP address.
- Extended: source and destination IP address, protocol and port.
Implementation on a single interface:
- Inbound
- Outbound
3 Guidelines
- One ACL per interface per protocol per direction.
- More specific tests are at the top.
- Any time a new entry is added, it will be placed at the bottom of the list.
- You cannot remove one line from an ACL.
- Every ACL should have at least one "permit" statement.
- Create ACLs and then apply them to an interface.
- ACLs are designed to filter traffic going through the router.
- Standard ACL close to the destination.
- Extended ACL close to the source.
4 Standard ACLs
access-list list# {permit/deny} source IP address [wildcard mask] [log]
uniti(config)#int e0
uniti(config-if)#ip access-group 1 in
uniti(config-if)#ip access-group 99 out
5 Extended ACLs
access-list list# {permit/deny} [protocol] source IP wildcard mask [port] dest IP wildcard mask [port] [established] [log] [other option]
uniti(config)#int e0
uniti(config-if)#ip access-group 100 in
uniti(config-if)#ip access-group 199 out
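
The rules from the Introduction and Guidelines slides (sequential order, first match wins, implicit deny, specific tests on top) can be checked with a small evaluator. This is an added example, not part of the original slides; the addresses, ACL entries and helper names are constructed, and port matching is simplified to an exact destination port.

```python
import ipaddress

ANY = ("0.0.0.0", "255.255.255.255")   # the IOS keyword "any"

def host(ip):
    return (ip, "0.0.0.0")             # the IOS keyword "host"

def wildcard_match(addr, base, wildcard):
    """Wildcard mask: a 0 bit must match, a 1 bit is ignored."""
    care = ~int(ipaddress.IPv4Address(wildcard)) & 0xFFFFFFFF
    a = int(ipaddress.IPv4Address(addr))
    b = int(ipaddress.IPv4Address(base))
    return (a & care) == (b & care)

def evaluate(acl, pkt):
    """Return (action, index of matching entry); index None = implicit deny."""
    for i, (action, proto, src, dst, dport) in enumerate(acl):
        if proto not in ("ip", pkt["proto"]):
            continue
        if not wildcard_match(pkt["src"], *src):
            continue
        if not wildcard_match(pkt["dst"], *dst):
            continue
        if dport is not None and dport != pkt.get("dport"):
            continue
        return action, i               # first match wins, evaluation stops
    return "deny", None                # nothing matched: implicit deny

LAN = ("192.168.1.0", "0.0.0.255")

# Constructed extended ACL: the specific host test sits above the general one.
ACL_GOOD = [
    ("deny",   "tcp", host("192.168.1.50"), ANY, 23),
    ("permit", "tcp", LAN, ANY, 23),
    ("permit", "tcp", LAN, ANY, 80),
]
# Same entries with the general permit first: the deny is never reached.
ACL_BAD = [ACL_GOOD[1], ACL_GOOD[0], ACL_GOOD[2]]

def pkt(src, proto, dport, dst="10.0.0.5"):
    return {"src": src, "dst": dst, "proto": proto, "dport": dport}

if __name__ == "__main__":
    for name, acl in (("good", ACL_GOOD), ("bad", ACL_BAD)):
        for p in (pkt("192.168.1.50", "tcp", 23), pkt("192.168.1.7", "tcp", 80),
                  pkt("192.168.2.7", "tcp", 80), pkt("192.168.1.7", "udp", 53)):
            print(name, p["src"], p["proto"], p["dport"], evaluate(acl, p))
```

With the misordered list, the Telnet packet from 192.168.1.50 is permitted by entry 0, which is why the more specific test belongs at the top.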