Course Hero uses AI to attempt to automatically extract content from documents to surface to you and others so you can study better, e.g., in search results, to enrich docs, and more. This preview shows page 1 - 4 out of 11 pages.
Cisco Networking/CCENT/Access Control ListsThis lesson covers access control lists.Objectives and skills for the access control lists portion of Cisco CCENT certification include:[1]Describe the types, features, and applications of ACLsStandard (editing and sequence numbers)ExtendedNamedNumberedLog optionConfigure and verify ACLs in a network environmentNamedNumberedLog optionConfigure and verify ACLs to filter network trafficConfigure and verify ACLs to limit telnet and SSH access to the router1.Wikipedia: Access control list2.Cisco: Configuring IP Access Lists ()1.YouTube: Access Control Lists - CompTIA Network+ N10-005: 5.2 ()2.Cisco: Introducing Access Control List Operation (-control-list-operation/player.html)Objectives and SkillsReadingsMultimedia
3.YouTube: CCNA CCENT Video Boot Camp: Applying ACLs (Or Not!) ()4.YouTube: Access-List Tutorial ()To define a standard IP access list, use the standard version of the access-list command in global configuration mode.[2]access-list <access-list-number> {deny | permit} <source> [<source-wildcard>] [log]access-list 1 deny 127.0.0.0 0.255.255.255 logaccess-list 1 permit anyTo define an extended IP access list, use the extended version of the access-list command in global configuration mode.[3]access-list <access-list-number> [dynamic <dynamic-name> [timeout <minutes>]] {deny | permit} <protocol><source> <source-wildcard> <destination> <destination-wildcard> [log | log-input]]access-list 101 permit tcp host 192.168.1.2 host 192.168.1.1 eq telnetaccess-list 101 deny tcp any any eq telnet logaccess-list 101 permit ip any anyTo define an IP access list by name, use the ip access-list command in global configuration mode.[4]ip access-list {standard | extended} access-list-nameip access-list standard block-privatedeny 10.0.0.0 0.255.255.255 logExamplesaccess-list (IP standard)access-list (IP extended)ip access-list
ip access-list extended filter-sshpermit tcp host 192.168.1.2 host 192.168.1.1 eq 22deny tcp any any eq 22 logpermit ip any anyTo control access to an interface, use the ip access-group command in interface configuration mode.[5]ip access-group {<access-list-number> | <access-list-name>}{in | out}ip access-group 1 outip access-group block-private outip access-group 101 inip access-group filter-ssh inTo display the contents of current access lists, use the show access-lists privileged EXEC command.[6]show access-lists [<access-list-number> | <access-list-name>]show access-listsshow access-lists 1show access-lists block-privateTo display the contents of all current IP access lists, use the show ip access-list EXEC command.
Upload your study docs or become a
Course Hero member to access this document
Upload your study docs or become a
Course Hero member to access this document
End of preview. Want to read all 11 pages?
Upload your study docs or become a
Course Hero member to access this document
Tags
IP address, Access control lists, Access control list
Newly uploaded documents