ACL's Flashcards
What is the command syntax to create a standard numbered ACL?
router(config)#access-list “access-list-number” {permit | deny} {source [source-wildcard] | host “hostname” | any}
What is the command syntax to apply an ACL?
router(config-if)#ip access-group {access-list-number | access-list-name} {in | out}
What is the command syntax to create an extended numbered ACL that specifies a particular application layer protocol to be filtered?
router(config)#access-list (access-list-number 100-199) {deny | permit} (transport layer protocol) source ip source-wildcard destination ip destination-wildcard eq (port number/application layer protocol) [precedence precedence] [tos tos] [fragments] [time-range time-range-name] [log]
What is the command syntax to create an extended named ACL?
config t
ip access-list extended {ACL name}
(config-ext-nacl)#[sequence number] {permit|deny} (transport layer protocol) source ip wildcard mask destination wildcard mask (eq port #/application name)
Create a numbered access list that will block all telnet traffic to the network on which the host 172.16.36.1 /19 resides.
access-list 100 deny tcp any 172.16.32.0 0.0.31.255 eq 23
access-list 100 permit ip any any
Configure and apply an access list to allow only your host (ip 172.16.1.32) to telnet into your perimeter router.
Router1>enable
Router1#configure terminal
Router1(config)#access-list 1 permit 172.16.1.32
Router1(config)#line vty 0 4
Router1(config-line)#access-class 1 in