Professional Documents
Culture Documents
9 3-2-13 Lab Configuring and Verifying Extended ACLs
9 3-2-13 Lab Configuring and Verifying Extended ACLs
a. Configure the ACL on R1. Use 100 for the ACL number.
R1(config)# access-list 100 remark Allow Web & SSH Access
R1(config)# access-list 100 permit tcp host 192.168.10.3 host 10.2.2.1 eq 22
R1(config)# access-list 100 permit tcp any any eq 80
yes
yes
yes
yes
yes
yes
Lab – Configuring and Verifying Extended ACLs
© 2013 Cisco and/or its affiliates. All rights reserved. This document is Cisco
Public. Page 6 of 8
What does the 80 signify in the command output listed above?
3. Why are EIGRP hello packets and routing updates not blocked by the implicit
deny any access control entry
(ACE) or ACL statement of the ACLs applied to R1 and R3?
to make sure we are properly allowing or blocking the correct IP address's so that
we do not make the
network unsafe or unusable.
Both have a use. Extended are stronger and can do more things, but the simplicity
of standard still has its
place to be used over extended. It is all dependent on what you are doing.
because we specifically allowed tcp packets to travel through the network.