Access List example (Cisco)

Design & Configure

Configuration General (15)

Design Corner (7)

DevOps (4)

Enterprise Routing (25)

Enterprise Switching (24)

Enterprise WAN (15)

LAN Security (2)

Network Security (33)

Network Services (3)

SD-WAN (3)

Access List example (Cisco)

Technology: Network Security
Area: ACL
Vendor: Cisco
Software: IOS 12.X , 15.X
Platform: ISR, ASR, Catalyst Switches

Access lists provides basic traffic filtering capabilities. Access lists can be configured for all routed network protocols to filter the packets of those protocols as the packets pass through a router or switch. The main rule is that access list is analyzed top down. First match applies and there is no need to check the rest ACEs (Access List Entries). At the end of ACL there is implicit deny statement.

To configure access list e that denies telnet traffic and allows the rest traffic, use the following command:
Router#configure terminal Router(config)#ip access-list extended 101 Router(config-ext-nacl)#5 deny tcp any any eq telnet Router(config-ext-nacl)#10 permit ip any any Router(config-ext-nacl)#exit Router(config)#exit Router#show access-list

To verify access list configuration use:

Extended IP access list 101 5 deny tcp any any eq telnet 10 permit ip any any

Author: Marcin Bialy

Design & Configure

Access List example (Cisco)

Cisco Firepower up to 60% discount