Standard ACL Configuration instance

Last Update:2018-05-29 Source: Internet

Author: User

Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more ＞

Configure the standard aclconfiguration to define this.srccdn.verydemo.comupload2013_05_1513686425240010.jpg alt

The standard ACL Configuration is 650) this. width = 650; "src =" http://cdn.verydemo.com/upload/2013_05_15/13686112240010.jpg "border =" 0 "alt =" "/> lab requirements: 1. Only 172.16.4.0 is allowed to access the network 172.16.3.0 2. Only 172.16.4.13 is allowed to access the network 172.16.3.0 3.

StandardACLConfiguration

650) this. width = 650; "src =" http://cdn.verydemo.com/upload/2013_05_15/13686112240010.jpg "border =" 0 "alt =" "/>

Lab requirements:

1. Only Network 172.16.4.0 is allowed to access network 172.16.3.0

2. Only the host 172.16.4.13 is allowed to access the network 172.16.3.0

3. Block network 172.16.4.0 from accessing network 172.16.3.0

4. Prevent the host from accessing the network 172.16.3.0

5. Only the host 172.16.4.12 can be connected to the vty line of the router.

LabConfiguration:

1. Only Network 172.16.4.0 is allowed to access network 172.16.3.0

R (config) # access-list 1 permit 172.16.4.0 0.0.255

R (config) # int f0/0

R (config-if) # ip access-group 1 out

2. Only the host 172.16.4.13 is allowed to access the network 172.16.3.0

R (config) # access-list 2 host 172.16.4.13

R (config) # int f0/0

R (config-if) ip access-group 2 out

3. Block network 172.16.4.0 from accessing network 172.16.3.0

R (config) # access-list 3 deny 172.16.4.0 0.0.0.255

R (config) # access-list 3 permit 0.0.0.0 255.255.255.255

R (config) # int f0/0

R (config-if) # ip access-group 3 out

4. Prevent the host from accessing the network 172.16.3.0

R (config) # access-list 4 deny host 172.16.4.13

R (config) # access-list 4 permit any

R (config) # int f0/0

R (config-if) # ip access-group 4 out

5. Only the host 172.16.4.12 can be connected to the vty line of the router.

R (config) # enable password wang

R (config) # line vty 0 4

R (config-line) # login

R (config-line) # password tao

R (config) # access-list 5 permit host 172.16.4.12

R (config) # line vty 0 4

R (config-line) # access-class 5 in

Experiment summary:

1. ACL can be used to filter IP packets or identify traffic for specific processing.

2. The ACL executes a top-down process, which can be performed for inbound or outbound traffic.Configuration.

3,StandardThe ACL depends on the nearest destination address.

4. Only one ACL is allowed for each interface, protocol, and direction.

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

Sales Support

1 on 1 presale consultation

Chat Contact Sales
After-Sales Support

24/7 Technical Support 6 Free Tickets per Quarter Faster Response

Open a Ticket
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

Learn More

Standard ACL Configuration instance

Contact Us

A Free Trial That Lets You Build Big!

Sales Support

After-Sales Support