Tuesday, March 9, 2010
IP ACCESS-LIST
ACCESS LIST IS WORKS LIKE A FIREWALL,ACCESS-LIST IS USED TO PROTECT YOUR NETWORK FROM UNAUTHORISED CONNECTIONS.
USING ACCESS LIST YOU CAN RESTRICT/ALLOW A PARTICULAR NETWORK OR HOST,
ACCESS-LIST TYPES:
1:STANDARD ACL (1-99)
ONLY DEFINE THE SOURCE ADDRESS
2:EXTENDED ACL (100-199)
DEFINE SOURCE AND DESTINATION AND PORT NO OR PROTOCOL
DENY = NOT ALLOW (RESTRICTION)
PERMIT= ALLOWED
(CONFIG)#ACCESS-LIST 10 DENY HOST 10.0.0.2
(CONFIG)#ACCESS-LIST 10 PERMIT HOST 10.0.0.3
DENY =99%
PERMIT=1%
PERMIT =INVITATION
IMPLICIT DENY
HOW TO APPLY
STEP 1: CREATE A ACCESS-LIST(CREATE RULES)
STEP2: APPLY ON A INTERFACE(APPLY RULES)
(CONFIG)#ACCESS-LIST 3 DENY 192.168.1.0 0.0.0.255
(CONFIG)#ACCESS-LIST 3 DENY 0.0.0.0 0.0.0.0
(CONFIG)#ACCESS-LIST 3 DENY ANY
(CONFIG)#ACCESS-LIST 3 PERMIT ANY
(config)#int f0/0
(config)#ip access-group 10 out
in=inbound recieve the call
out=outbound make a call
out=the packet must pass a routing process
in=the packet not pass a routing process
0=MUST MATCH
255=DON'T CARE
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment