IOS: Access List (ACLs)

From wikieduonline
Jump to navigation Jump to search

Configuring IP Access Lists: https://www.cisco.com/c/en/us/support/docs/security/ios-firewall/23602-confaccesslists.html#acltypes


Types of ACLs:

  • Standard ACLs
  • Extended ACLs
  • Lock and Key (Dynamic ACLs)
  • IP Named ACLs, Reflexive ACLs, Time-Based ACLs Using Time Ranges, Commented IP ACL Entries, Context-Based Access Control, Authentication Proxy, Turbo ACLs, Distributed Time-Based ACLs, Receive ACLs, Infrastructure Protection ACLs, Transit ACLs.


Process: Define ACL + Apply ACL to interface



  • router(config)#access-list 101 deny icmp any any
  • router(config)#access-list 101 permit ip any any


  • router(config)#ip access-list extended test
  • router(config-ext-nacl)#permit ip host 2.2.2.2 host 3.3.3.3
  • router(config-ext-nacl)#permit tcp host 1.1.1.1 host 5.5.5.5 eq www
  • router(config-ext-nacl)#permit icmp any any
  • router(config-ext-nacl)#permit udp host 6.6.6.6 10.10.10.0 0.0.0.255 eq domain


To apply ACLs:

  • ip access-group to apply an IPv4 access control list (ACL) to a Layer 3 interface

Related terms[edit]


See also[edit]

Advertising: