Chapter 11
ACCESS CONTROL LIST
Access control lists (ACLs) can be used for the following purposes on Cisco devices:
1. To filter traffic
2. To identify traffic
3. To maintain logs
ACCESS LIST
An access list is a set of rules organized in a rule table. Each rule, or line,
in an access list provides a condition and is either a permit or a deny.
• When an access list is used to filter traffic, a permit statement
allows traffic, while a deny statement blocks it.
• Similarly, when an access list is used to identify traffic, a permit statement
includes the traffic, while a deny statement states that the traffic
should not be included.
Filtering traffic is the primary use of access lists. However,
there are several instances when it is necessary to identify
traffic using ACLs, including:
• Identifying interesting traffic to bring up an ISDN link or VPN tunnel
• Identifying routes to filter or allow in routing updates
• Identifying traffic for QoS purposes
TYPES OF ACCESS LIST:
There are two categories of access list: numbered and named.
Numbered access lists are broken down into several ranges:
1-99        IP standard access list
100-199     IP extended access list
1300-1999   IP standard access list [expanded range]
2000-2699   IP extended access list [expanded range]
Named access lists are broken down into two types:
• IP standard named access list
• IP extended named access list
You can create an unlimited number of named access lists.
Wildcard Masks
IP access lists use wildcard masks to determine two things:
1. Which part of an address must match exactly
2. Which part of an address can match any number
Wildcard masks are used when filtering traffic (allow/deny).
A wildcard mask is the opposite (inverse) of a subnet mask:
255.255.0.0 subnet mask
0.0.255.255 wildcard mask
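
The wildcard rules above, worked through in Python as an added example (not part of the original slides). The function names and the sample addresses are assumptions made for illustration; only the two masks come from the slide. It also covers a case beyond the slide: a wildcard mask does not have to be a contiguous run of bits.

```python
import ipaddress

def to_int(dotted: str) -> int:
    """Convert a dotted-quad string to a 32-bit integer."""
    return int(ipaddress.IPv4Address(dotted))

def wildcard_from_subnet(subnet_mask: str) -> str:
    """Invert a subnet mask bit for bit to obtain the wildcard mask."""
    return str(ipaddress.IPv4Address(to_int(subnet_mask) ^ 0xFFFFFFFF))

def wildcard_match(address: str, base: str, wildcard: str) -> bool:
    """True when address equals base on every bit whose wildcard bit is 0.

    A 0 bit in the wildcard means "must match exactly";
    a 1 bit means "can be any value".
    """
    care = ~to_int(wildcard) & 0xFFFFFFFF
    return (to_int(address) & care) == (to_int(base) & care)

def matching_count(wildcard: str) -> int:
    """How many addresses one entry covers: 2 ** (number of 1 bits)."""
    return 2 ** bin(to_int(wildcard)).count("1")

if __name__ == "__main__":
    # Constructed sample addresses; the masks are the ones on the slide.
    wc = wildcard_from_subnet("255.255.0.0")
    print("wildcard:", wc)
    for addr in ("172.16.40.9", "172.17.0.1"):
        print(addr, wildcard_match(addr, "172.16.0.0", wc))
    # Non-contiguous wildcard: 0.0.0.254 pins only the lowest bit, so the
    # entry covers the even-numbered addresses of 192.168.1.0-255.
    for addr in ("192.168.1.6", "192.168.1.7"):
        print(addr, wildcard_match(addr, "192.168.1.0", "0.0.0.254"))
    # Auditing aid: how wide is each entry?
    print(matching_count(wc), matching_count("0.0.0.254"))
```

Counting the addresses an entry covers is a quick review check: a permit with a wider wildcard than intended silently allows every extra address it spans.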
Reflective (reflexive) access list
Only internal traffic can move outside; outside traffic is not able to enter
[with a reflective access list, outside traffic is able to enter when it matches the record of a session that was started from the inside].
It works as a watch guard.
STANDARD ACCESS LIST
Place as close to the destination as possible.
All decisions are based on the source IP address. Standard access lists don't distinguish between
any of the many types of IP traffic, such as web, Telnet, and so on.
EXTENDED ACCESS LIST
Place as close to the source as possible.
All decisions are based on the source and destination IP addresses, the protocol
field in the network layer header, and the port number in the transport layer
header.
Inbound Access List:
When an access list is applied to inbound packets on an interface, those packets are
processed through the access list before being routed to the outbound interface.
Outbound Access List:
When an access list is applied to outbound packets on an interface, those packets are
first routed to the outbound interface and then processed through the access list.
Test
Permit 10.0.0.1
Permit 20.0.0.1
Deny all
On a single router, a particular interface can have only a single ACL:
• Per interface [sub-interface]
• Per direction [in / out]
• Per protocol [ip / ipx]
On the router itself you can create any number of ACLs.
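
How a packet is checked against an access list, as an added Python example (not part of the original slides). It models the slide's "Test" list as source-only (standard) entries and sets it beside a constructed extended list. The `Entry` class, the packet dictionary and the destination 192.0.2.10 are assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

def _ip(s: str) -> int:
    return int(ipaddress.IPv4Address(s))

def _hit(addr: str, base: str, wildcard: str) -> bool:
    # Compare only the bits whose wildcard bit is 0.
    care = ~_ip(wildcard) & 0xFFFFFFFF
    return (_ip(addr) & care) == (_ip(base) & care)

@dataclass
class Entry:
    action: str                      # "permit" or "deny"
    src: str = "0.0.0.0"
    src_wc: str = "255.255.255.255"  # default matches any source
    # The fields below are what an extended entry adds.
    proto: Optional[str] = None      # None = any IP protocol
    dst: str = "0.0.0.0"
    dst_wc: str = "255.255.255.255"
    dport: Optional[int] = None      # None = any port

    def matches(self, pkt: dict) -> bool:
        return (_hit(pkt["src"], self.src, self.src_wc)
                and _hit(pkt["dst"], self.dst, self.dst_wc)
                and self.proto in (None, pkt["proto"])
                and self.dport in (None, pkt["dport"]))

def evaluate(acl: list, pkt: dict) -> str:
    """Top-down, first match wins; no match falls to the implicit deny."""
    for entry in acl:
        if entry.matches(pkt):
            return entry.action
    return "deny"

# The slide's "Test" list as standard (source-only) entries.
TEST = [Entry("permit", "10.0.0.1", "0.0.0.0"),
        Entry("permit", "20.0.0.1", "0.0.0.0"),
        Entry("deny")]
# Constructed extended list: 10.0.0.1 may reach web (TCP/80) only.
WEB_ONLY = [Entry("permit", "10.0.0.1", "0.0.0.0", proto="tcp", dport=80)]

def pkt(src, dport, dst="192.0.2.10", proto="tcp"):
    """Build a constructed sample packet."""
    return {"src": src, "dst": dst, "proto": proto, "dport": dport}
```

With `TEST`, host 10.0.0.1 is permitted on port 23 as well as port 80, because a standard entry looks at the source only; `WEB_ONLY` permits port 80 and everything else falls to the implicit deny.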
