Cisco device configuration: ACL (access control list)

Source: Internet
Author: User

An access control list (ACL) is mainly used in a corporate LAN to set access rules for certain departments or staff and to filter traffic. It is not limited to the LAN: if you know the external network segment and port, access to those can be restricted as well.

ACL considerations:
1) Rule entries in a table must not conflict with one another.
2) Once an ACL table is established, all traffic from all hosts is denied by default.
3) Because entries in the ACL table are matched in priority order, think carefully about which deny and permit entries must be written first.
4) ACLs can only be used on a Layer 3 switch or a router.
5) Applying an ACL takes two steps: create the ACL, then apply it on a port (on the VLAN port if a VLAN is in use, otherwise on the physical port).
6) When configuring a named ACL, an entry added without a specified priority is placed last in the ACL table by default.
7) The same ACL table can be applied to multiple ports, provided there is no conflict.
8) The network device's management address is the address used for remote administration.

ACL configuration process:

In this network topology, the goal is to prohibit 1.1 from accessing the web server on 2.1 without affecting other communication.


1. Configure the web server on 2.1


2. Configure the web server on 2.2


3. First, create an ACL on the router


4. Add the appropriate rules


5. Finally, be sure to add the permit all / deny all entry


6. Enter the router's inbound interface and apply this ACL


7. Test communication between the PC and the servers


8. Test access from the PC to the two web servers separately

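The first-match evaluation and default deny that steps 3 to 8 depend on can be modelled in a few lines. This is an added example, not configuration from the original article: the entries use a simplified subset of IOS extended ACL syntax, and the addresses (192.168.1.1 for the PC "1.1", 192.168.2.1 and 192.168.2.2 for the web servers) and TCP port 80 for the web service are assumptions.

```python
import ipaddress

# Constructed entries; addressing and port 80 are assumptions (see lead-in).
ACL_GOOD = [
    "deny tcp host 192.168.1.1 host 192.168.2.1 eq 80",
    "permit ip any any",
]
ACL_NO_PERMIT = ACL_GOOD[:1]      # step 5 forgotten: only the deny entry
ACL_WRONG_ORDER = ACL_GOOD[::-1]  # permit written before the deny

def _take_addr(tokens):
    """Consume 'any' or 'host A.B.C.D'; None means any address."""
    word = tokens.pop(0)
    if word == "any":
        return None
    if word == "host":
        return ipaddress.ip_address(tokens.pop(0))
    raise ValueError(f"unsupported address form: {word}")

def parse_entry(line):
    """Parse '<permit|deny> <proto> <src> <dst> [eq <port>]'."""
    tokens = line.split()
    action, proto = tokens.pop(0), tokens.pop(0)
    if action not in ("permit", "deny"):
        raise ValueError(f"unknown action: {action}")
    src, dst = _take_addr(tokens), _take_addr(tokens)
    port = None
    if tokens:
        if len(tokens) != 2 or tokens[0] != "eq":
            raise ValueError(f"unsupported port clause: {tokens}")
        port = int(tokens[1])
    return action, proto, src, dst, port

def evaluate(acl, proto, src, dst, dport=None):
    """Return the action of the first matching entry for one packet."""
    src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for line in acl:
        action, e_proto, e_src, e_dst, e_port = parse_entry(line)
        if e_proto != "ip" and e_proto != proto:
            continue  # 'ip' matches every protocol
        if e_src is not None and e_src != src:
            continue
        if e_dst is not None and e_dst != dst:
            continue
        if e_port is not None and e_port != dport:
            continue
        return action  # first match wins; later entries are never read
    return "deny"      # no entry matched: default deny (consideration 2)

if __name__ == "__main__":
    for name, acl in [("good", ACL_GOOD), ("no permit", ACL_NO_PERMIT),
                      ("wrong order", ACL_WRONG_ORDER)]:
        print(name, evaluate(acl, "tcp", "192.168.1.1", "192.168.2.1", 80),
              evaluate(acl, "icmp", "192.168.1.1", "192.168.2.1"))
```

The three tables show the intended result, the effect of omitting the final permit entry (everything else is dropped too), and the effect of writing the permit first (the deny entry is never reached).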
