Home > Others

Cisco device configuration ACL access control list

Source: Internet
Author: User
Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more >

Access control list ACL is mainly used in a corporate LAN, some departments or staff access to make rules, traffic filtering, and not only LAN, if you know the external network segment and port, can also be limited.

ACL Considerations:
1) Rule entries in a table cannot have conflicting existence
2) Default deny all traffic for all hosts after ACL table is established
3) Because the ACL table has priority existence all must think well to reject and allow that to be written first
4) ACLs can only be used on a three-layer switch or router
5) Application of ACL includes two steps: Create ACL to apply ACL on port (if VLAN is applied at VLAN port, if no VLAN is applied in physical port)
6) When configuring a named ACL, if the ACL entry does not specify a priority, the newly added default is the last one in the ACL table
7) The same ACL table can be applied to multiple ports, provided that no conflict
8) network device management address, is used for remote administration of the address

ACL configuration process:

The network topology environment below, now want to prohibit 1.1 access to 2.1 of the Web server, but does not affect other communications.

650) this.width=650; "title=" 10.png "src=" http://s3.51cto.com/wyfs02/M01/72/36/wKiom1Xep3ewo7ZkAADGYOFQpFg014.jpg "alt=" Wkiom1xep3ewo7zkaadgyofqpfg014.jpg "/>

1. Configure the 2.1 Web

650) this.width=650; "style=" Float:none; "title=" 1.png "src=" http://s3.51cto.com/wyfs02/M02/72/33/ Wkiol1xeqx3hzpsxaadaz7yx-yy124.jpg "alt=" Wkiol1xeqx3hzpsxaadaz7yx-yy124.jpg "/>

2. Configure the 2.2 Web

650) this.width=650; "style=" Float:none; "title=" 2.png "src=" http://s3.51cto.com/wyfs02/M02/72/36/ Wkiom1xep2xhs8wlaac0apwml5k948.jpg "alt=" Wkiom1xep2xhs8wlaac0apwml5k948.jpg "/>

3. First establish an ACL on the router

650) this.width=650; "style=" Float:none; "title=" 3.png "src=" http://s3.51cto.com/wyfs02/M00/72/33/wKioL1XeqX2Cm9x_ Aaajznfthpk493.jpg "alt=" Wkiol1xeqx2cm9x_aaajznfthpk493.jpg "/>

4. Establish the appropriate rules

650) this.width=650; "style=" Float:none; "title=" 4.png "src=" http://s3.51cto.com/wyfs02/M00/72/36/ Wkiom1xep2wjwfyvaaa1xxwh3tc008.jpg "alt=" Wkiom1xep2wjwfyvaaa1xxwh3tc008.jpg "/>

5. Finally, be sure to add the Allow/disable all entries

650) this.width=650; "style=" Float:none; "title=" 5.png "src=" http://s3.51cto.com/wyfs02/M01/72/33/ Wkiol1xeqx6jkitpaaaee1t2neu700.jpg "alt=" Wkiol1xeqx6jkitpaaaee1t2neu700.jpg "/>

6. Enter the router's inlet, using this ACL

650) this.width=650; "style=" Float:none; "title=" 6.png "src=" http://s3.51cto.com/wyfs02/M01/72/33/ Wkiol1xeqkqtjmpoaabb4fvzpfy102.jpg "alt=" Wkiol1xeqkqtjmpoaabb4fvzpfy102.jpg "/>

7. Test PC and server communication

650) this.width=650; "style=" Float:none; "title=" 7.png "src=" http://s3.51cto.com/wyfs02/M01/72/37/ Wkiom1xeqdhsmmhaaaggq0hr_l0990.jpg "alt=" Wkiom1xeqdhsmmhaaaggq0hr_l0990.jpg "/>

8. Test the PC to access two separate web

650) this.width=650; "style=" Float:none; "title=" 8.png "src=" http://s3.51cto.com/wyfs02/M02/72/33/ Wkiol1xeqkqxawlsaaa4mmxsaxq776.jpg "alt=" Wkiol1xeqkqxawlsaaa4mmxsaxq776.jpg "/>

650) this.width=650; "style=" Float:none; "title=" 9.png "src=" http://s3.51cto.com/wyfs02/M02/72/37/ Wkiom1xeqdlckov7aabq_zs_tuk788.jpg "alt=" Wkiom1xeqdlckov7aabq_zs_tuk788.jpg "/>

Cisco device configuration ACL access control list

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

Related Keywords:
access control list php cisco wifi access point configuration nac network access control cisco cisco access point configuration example cli remote access vpn configuration on cisco router cisco 1120 secure access control system configuration management document control

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

What's Trending
Top 10 Tags
datastax versions naming convention zookeeper client class definition md5 microsoft sql server 2005 data structures exception handling error handling
Top 10 Keywords
microsoft download center down wordpress address url site address url wordpress address url windows installer 4 0 download 302 not found web address url definition site address url wordpress db2 integer mac os installation step by step pdf abbreviation for return

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

  • Sales Support

    1 on 1 presale consultation

    Chat Contact Sales

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    Open a Ticket

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

    Learn More