Professional Documents
Culture Documents
CLS Access-list they are everywhrer. Permit 192.168.250 Deny 192.168.1.0/24 Permit tcp port 80 for 200.1.1.1. Permit all TCP traffic for 210.0.1.0/24 What they can be sued for Access control NAT Quality of service Demand dial routing Policy routing Route filtering Making French toast
Adding Access lists capabilities Standard Extended Dynamic Established Time-based Context-based access control
o o o
Matches based on source address Lower processor utilization Affect depends on application
Extended o o o Matches based on source/destination address Higher processor utilization Syntax takes some time to learn
Access list scenario 2: standard VTY access Access list scenario 3: Extended, IP access Access list scenario 4: Extended, TCP access
Scenario 2: Use a standard ACL to prevent Host A from Telnetting or SSHing to R1.
Note: we are just using access list into router VTY Mode.
Note:Now we are deny for telnetting. Extended ACL Scenario 3: Use an extended ACL to prevent Host A from accessing the R2 WAN link.
Note: we can access the remote host because when we try to that hast its destination address is that.
Scenario 4: use an extended ACL to prevent Host A from accessing the CBTNuggets homepages.