Cisco CCNA Exam Tutorial: Configuring Standard Access Lists

Cisco CCNA Exam Tutorial: Configuring Standard Access Lists

Access Control Lists (ACLs) permit a router to allow or deny packets based on a number of criteria. The ACL is configured in style, but is implemented at the port level. An ACL doesn’t take effect until it is applied to an interface using the ip access-group command. Packets may be filtered as they enter or leave an interface. More info

When a packet leaves or enters an interface using an ACL implemented, the packet is compared against the standards of this ACL. If the packet matches the first line of the ACL, the proper”license” or”deny” actions is taken. The line’s standard is analyzed When there’s absolutely no match. If there’s a match, the proper action is required; the line of this ACL is in relation to the package when there’s absolutely not any match.

This procedure proceeds until a match is located, at that time the ACL ceases operating. If no match is found, a default”refuse” happens, and the package won’t be processed. If a packet is not permitted when an ACL is configured, it’ll be subject to the implicit deny at the end of each ACL. This is actually the default behaviour of an ACL and can’t be changed.

A normal ACL is concerned with just 1 variable, the source IP address of this package. The destination isn’t regarded. Extended ACLs consider destination and the origin of this package, and can think about the number. For each differs, the array used ACLs use the ranges 1300-1399 and 1-99; lists that were prolonged utilize 100-199 and 2000.

There are numerous points worth repeating before starting to configure conventional ACLs.

Conventional ACLs consider just the source IP address for games.

The ACL lines have been run from top to bottom. The next is conducted, When there isn’t any game on the line; so forth, and if no game on the next is conducted till there’s a game, or the ACL’s close is attained. This process places significance on these lines’ arrangement.