From the course: Cisco CCNA (200-301) Cert Prep: 3 Security, Automation, and Programmability
Standard access control lists (ACLs)
- [Instructor] Access control lists, or ACLs, are utilized to identify IP addresses and ports for subnets or hosts. So I can match subnet 100.64/24 going anywhere, or I can match host 100.64.0.1 accessing anything on port 80, or I can match 100.64.0.1 sourced from TCP port 5231 going to host 100.65.65.1 on TCP port 443. I can get quite granular if I need to. While they can be used for filtering traffic on interfaces, they have many more uses. They can be used for matching traffic for QoS, or used for route filtering in dynamic protocols. When using ACLs for interface filtering, directionality is very important. An ACL is applied to an interface using either the keyword in or out. The way I remember which is which is to pretend I'm the router with my hands being the interfaces. For example, if my right hand is the interface I want to do the filtering on, I'll tell myself if I catch it in my hand, the interface, then use the in keyword. If the traffic is leaving through my right hand away…
Contents
- Key security concepts (4m 18s)
- Security program elements (1m 19s)
- Password policy elements (2m 27s)
- VPNs (2m 43s)
- Standard access control lists (ACLs) (4m 49s)
- ACL wildcard masks (4m 20s)
- Extended ACLs (3m 46s)
- Named ACLs (6m 14s)
- Port security (4m 18s)
- DHCP snooping (3m 33s)
- Dynamic ARP Inspection (DAI) (3m 42s)