US Region

Grandmetric LLC
Brookfield Place Office
200 Vesey Street
New York, NY 10281
EIN: 98-1615498
Phone: +1 302 691 94 10

EMEA Region

ul. Metalowa 5, 60-118 Poznań, Poland
NIP 7792433527
+48 61 271 04 43

Access List example (Cisco)

Design & Configure

Access List example (Cisco)

Technology: Network Security
Area: ACL
Vendor: Cisco
Software: IOS 12.X , 15.X
Platform: ISR, ASR, Catalyst Switches

Access lists provides basic traffic filtering capabilities. Access lists can be configured for all routed network protocols to filter the packets of those protocols as the packets pass through a router or switch. The main rule is that access list is analyzed top down. First match applies and there is no need to check the rest ACEs (Access List Entries). At the end of ACL there is implicit deny statement.


To configure access list e that denies telnet traffic and allows the rest traffic, use the following command:

Router#configure terminal
Router(config)#ip access-list extended 101
Router(config-ext-nacl)#5 deny tcp any any eq telnet
Router(config-ext-nacl)#10 permit ip any any
Router#show access-list


To verify access list configuration use:

Extended IP access list 101
5 deny tcp any any eq telnet
10 permit ip any any

Author: Marcin Bialy

Cisco Firepower up to 60% discount

Place an order and get discounted Cisco FirePOWER or schedule
a call with Grandmetric Engineer

Get Quote