Scribd Logo
Upload

Welcome to Scribd!

  • Access List Commands

    Uploaded by

    Deymar Callisaya
    5 views1 page
    asd

    Original Title

    Access List commands

    Copyright

    © © All Rights Reserved

    Available Formats

    TXT, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    asd

    Copyright:

    © All Rights Reserved
    Download as TXT, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    5 views1 page

    Access List Commands

    Uploaded by

    Deymar Callisaya
    asd

    Copyright:

    © All Rights Reserved
    Download as TXT, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 1

    Standart Access list

    ====================
    #access-list 1 deny host 10.1.1.1
    #show ip access-list
    R1(config)#int s0/0
    R1(config-if)#ip access-group 1 in
    R1#show access-lists
    R1#no access-list 1

    //borrar access list 1

    Extended Access List


    ====================
    Mas cerca del origen
    R1(config)#access-list 100 deny ip 192.168.1.0 0.0.0.255 192.168.2.128 0.0.0.127
    (config)# access-list 100 permit any any
    R1(config-if)#int fa0/0
    R1#ip access-group 100 in
    R1(config)#ip access-list extended 100
    R1(config-ext-nacl)#11 deny tcp 192.168.1.50 0.0.0.0 192.168.2.50 0.0.0.0 eq 80
    R1(config-ext-nacl)#12 deny tcp 192.168.1.50 0.0.0.0 192.168.2.50 0.0.0.0 eq 443
    R2(config)#ip access-list extended R3_TELNET_SSH
    R2(config-ext-nacl)#permit tcp 192.168.2.0 0.0.0.127 host 10.1.1.1 eq 22
    R2(config-ext-nacl)#permit tcp 192.168.2.0 0.0.0.127 host 10.1.1.1 eq 23
    R2(config-ext-nacl)#deny ip any 192.168.2.0 0.0.0.127 host 10.1.1.1
    R2(config-ext-nacl)#permit any any
    R2(config-if)#int fa0/0
    R2(config-if)#ip access-group R3_TELENET_SSH in
    R2(config)#ip access-list extended PORT_FILTER
    R2(config-ext-nacl)#permit tcp any host 192.168.2.50 eq 25
    R2(config-ext-nacl)#permit tcp any host 192.168.2.50 eq 110
    R2(config-ext-nacl)#permit tcp any host 192.168.2.50 eq 143
    R2(config-if)#int fa0/0
    R2(config-if)#ip access-group PORT_FILTER out
    R2(config-ext-nacl)#deny ip any host 192.168.2.50
    R2(config-ext-nacl)#deny ip any any

    You might also like