1. Standard ACL
A standard ACL filters packets based on the source IP address; communication is blocked both ways.
Types:
1. Numbered ACL --> 1 to 99
2. Named ACL
2. Extended ACL
An extended ACL filters packets based on the source IP, destination IP, protocol and port number; the service is blocked.
Types:
1. Numbered ACL --> 100 to 199
2. Named ACL
Syntax of standard ACL:
Numbered ACL:
router(config)#access-list <num> deny <network id> <wildcard mask>
(or)
router(config)#access-list <num> deny host <sys. ip>
router(config)#access-list <num> permit any
router(config)#interface fa 0/0
router(config-if)#ip access-group <num> in
Syntax of named ACL:
Standard
router(config)#ip access-list standard <name>
router(config-std-nacl)#deny <s. id> <wildcard mask>
(or)
router(config-std-nacl)#deny host <sys. ip>
router(config-std-nacl)#permit any
router(config-std-nacl)#exit
router(config)#interface fa 0/0
router(config-if)#ip access-group <name> in
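The standard ACL entries above are checked top-down against the packet's source address, and the first match decides; IOS ends every ACL with an implicit deny, which is why the syntax finishes with permit any. The following Python model of that evaluation and of wildcard-mask matching is an added example, not part of the original post. The function names and all addresses are constructed for illustration.

```python
import ipaddress

def _to_int(addr):
    # Raises ValueError on a malformed IPv4 address
    return int(ipaddress.IPv4Address(addr))

def wildcard_match(addr, base, wildcard):
    """Wildcard mask: 0 bits must match the base, 1 bits are ignored."""
    care = ~_to_int(wildcard) & 0xFFFFFFFF
    return (_to_int(addr) & care) == (_to_int(base) & care)

def parse_entry(entry):
    """Parse the three standard ACL entry forms shown above
    into (action, base, wildcard)."""
    action, *rest = entry.split()
    if action not in ("permit", "deny"):
        raise ValueError(f"unknown action in {entry!r}")
    if rest == ["any"]:
        return action, "0.0.0.0", "255.255.255.255"
    if len(rest) == 2 and rest[0] == "host":
        return action, rest[1], "0.0.0.0"
    if len(rest) == 2:
        return action, rest[0], rest[1]
    raise ValueError(f"unsupported entry {entry!r}")

def evaluate(entries, src_ip):
    """Return the action of the first entry matching src_ip (top-down)."""
    for entry in entries:
        action, base, wildcard = parse_entry(entry)
        if wildcard_match(src_ip, base, wildcard):
            return action
    return "deny"  # implicit deny at the end of every ACL

# Constructed sample ACL (illustrative addresses only)
SAMPLE_ACL = [
    "deny 192.168.10.0 0.0.0.255",
    "deny host 10.1.1.5",
    "permit any",
]

if __name__ == "__main__":
    for ip in ("192.168.10.77", "10.1.1.5", "172.16.0.9"):
        print(ip, "->", evaluate(SAMPLE_ACL, ip))
    # Dropping the final "permit any" blocks all remaining traffic
    print("without permit any:", evaluate(SAMPLE_ACL[:2], "172.16.0.9"))
```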
Extended ACL:
Syntax of numbered ACL:
router(config)#access-list <num> deny ip <source id> <wildcard mask> <d id> <wildcard mask>
router(config)#access-list <num> permit ip <s id> <wildcard mask> <d id> <wildcard mask>
router(config)#interface fa 0/0
router(config-if)#ip access-group <num> in
Syntax of named ACL:
router(config)#ip access-list extended <name>
router(config-ext-nacl)#deny ip <s id> <wildcard mask> <d id> <wildcard mask>
router(config-ext-nacl)#permit ip <s id> <wildcard mask> <d id> <wildcard mask>
router(config-ext-nacl)#exit
router(config)#interface fa 0/0
router(config-if)#ip access-group <name> in