US Region
Grandmetric LLC
Brookfield Place Office
200 Vesey Street
New York, NY 10281
EIN: 98-1615498
+1 302 691 94 10
info@grandmetric.com
EMEA Region
GRANDMETRIC Sp. z o.o.
ul. Metalowa 5, 60-118 Poznań, Poland
NIP 7792433527
+48 61 271 04 43
info@grandmetric.com
Technology: Network Security
Area: ACL
Vendor: Cisco
Software: IOS 12.X , 15.X
Platform: ISR, ASR, Catalyst Switches
Access lists provides basic traffic filtering capabilities. Access lists can be configured for all routed network protocols to filter the packets of those protocols as the packets pass through a router or switch. The main rule is that access list is analyzed top down. First match applies and there is no need to check the rest ACEs (Access List Entries). At the end of ACL there is implicit deny statement.
To configure access list e that denies telnet traffic and allows the rest traffic, use the following command:
Router#configure terminal
Router(config)#ip access-list extended 101
Router(config-ext-nacl)#5 deny tcp any any eq telnet
Router(config-ext-nacl)#10 permit ip any any
Router(config-ext-nacl)#exit
Router(config)#exit
Router#show access-list
To verify access list configuration use:
Extended IP access list 101
5 deny tcp any any eq telnet
10 permit ip any any
Place an order and get discounted Cisco FirePOWER or schedule a call with Grandmetric Engineer