ACL

Types:

* IP standard - 1-99
* IP extended - 100-199
* IP standard expanded - 1300-1999
* IP extended expanded - 2000-2699

Named ACL

You can name an extended ACL, which makes it easier to find. Another advantage is that named ACLs let you remove individual lines from the list. With numbered ACLs, you cannot delete individual lines; you would have to delete your existing access list and re-create the entire list.

========================

Standard ACLs:

access-list {1-99 | 1300-1999} {permit | deny} <source address> <wildcard mask>
access-list 1 deny 10.0.0.55 0.0.0.0
access-list 1 permit 10.0.0.0 0.255.255.255
(This denies all traffic from 10.0.0.55 but allows all of the other 10.0.0.0/24 traffic)

Apply to interface outbound

ip access-group

interface eth1

ip access-group 1 out

[this will deny traffic outbound from 10.0.0.55]
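
Added example (not part of the original notes): a small Python model of how access-list 1 above is evaluated, showing wildcard-mask matching, first-match ordering and the implicit deny that ends every ACL. The function names and the sample source addresses are constructed for illustration.

```python
import ipaddress

# access-list 1 from the notes above, in configured order:
# (action, source address, wildcard mask)
ACL_1 = [
    ("deny", "10.0.0.55", "0.0.0.0"),
    ("permit", "10.0.0.0", "0.255.255.255"),
]

def to_int(addr):
    return int(ipaddress.IPv4Address(addr))

def wildcard_match(src, base, wildcard):
    """True when src equals base in every bit where the wildcard bit is 0."""
    care = ~to_int(wildcard) & 0xFFFFFFFF  # 1 = must match, 0 = ignored
    return (to_int(src) & care) == (to_int(base) & care)

def evaluate(acl, src):
    """Return (action, index of matching entry); index is None on implicit deny."""
    for index, (action, base, wildcard) in enumerate(acl):
        if wildcard_match(src, base, wildcard):
            return action, index  # first match wins, later entries are skipped
    return "deny", None  # every ACL ends with an implicit deny

def covered_prefix(base, wildcard):
    """CIDR form of an entry whose wildcard mask is contiguous."""
    w = to_int(wildcard)
    if w & (w + 1):
        raise ValueError("non-contiguous wildcard has no single CIDR form")
    network = ipaddress.IPv4Address(to_int(base) & ~w & 0xFFFFFFFF)
    return f"{network}/{32 - w.bit_length()}"

if __name__ == "__main__":
    # Constructed sample source addresses
    for src in ("10.0.0.55", "10.0.0.56", "10.200.1.1", "192.168.1.10"):
        print(src, evaluate(ACL_1, src))
    for _, base, wildcard in ACL_1:
        print(base, wildcard, "->", covered_prefix(base, wildcard))
    # Same entries in reverse order: the broad permit shadows the host deny
    print(evaluate(ACL_1[::-1], "10.0.0.55"))
```

Running it prints the action for each sample source and the prefix each entry covers; the last line shows why the host deny has to come before the broader permit.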


Extended ACLs:

NEED TO ADD