Extended Access Control List (ACL):
- An extended ACL can match Source_ip/Source_Network and Destination_ip/Destination_Network, plus a layer 3 protocol and/or a layer 7 protocol identified by port number.
- An extended ACL is applied near the destination.
- One ACL can be applied per interface, per direction and per layer 3 protocol.
Syntax:
(config)#access-list
ACL_Number = 100-199, 2000-2699
Protocol: ip (means any protocol), EIGRP, OSPF, ICMP, TCP, UDP.
Application layer protocol: Telnet, SSH, FTP-data, FTP-control, DHCP, DNS
Task:
1. PC1 cannot ping R2 but can Telnet to R2.
R1(config)#access-list 100 deny icmp host 10.0.0.1 host 12.0.0.2
R1(config)#access-list 100 permit ip any any
R1(config)#interface fa0/0 - R1 interface connected to PC1
R1(config-if)#ip access-group 100 in
R1(config-if)#exit
To verify :
R1(config)#do show access-list
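
The two entries of ACL 100 are evaluated top to bottom and the first match decides. Any packet that matches no entry is dropped by the implicit deny at the end of the list, which is why the permit ip any any line is needed. The following is an added example, not part of the original page and not Cisco code: a small Python model of that evaluation, run against the task's ACL. It assumes PC1 is 10.0.0.1 and R2 is 12.0.0.2 (taken from the deny entry), models protocol and address matching only (no port operators), and all function names are illustrative.

```python
import ipaddress

def parse_addr(tokens):
    """Consume one address spec: 'any', 'host A.B.C.D', or 'A.B.C.D WILDCARD'."""
    if tokens[0] == "any":
        return (0, 0xFFFFFFFF), tokens[1:]
    if tokens[0] == "host":
        return (int(ipaddress.IPv4Address(tokens[1])), 0), tokens[2:]
    addr = int(ipaddress.IPv4Address(tokens[0]))
    wild = int(ipaddress.IPv4Address(tokens[1]))
    return (addr, wild), tokens[2:]

def parse_ace(line):
    """Parse 'access-list N permit|deny PROTO SRC DST' (no port operators)."""
    t = line.split()
    if t[0] != "access-list" or t[2] not in ("permit", "deny"):
        raise ValueError(f"not an ACL entry: {line!r}")
    src, rest = parse_addr(t[4:])
    dst, rest = parse_addr(rest)
    if rest:
        raise ValueError(f"unsupported trailing tokens: {rest}")
    return {"action": t[2], "proto": t[3], "src": src, "dst": dst}

def addr_matches(spec, ip):
    base, wild = spec
    # Wildcard bits set to 1 are "don't care"; all other bits must be equal.
    return (int(ipaddress.IPv4Address(ip)) | wild) == (base | wild)

def evaluate(acl, proto, src_ip, dst_ip):
    """Return the action of the first matching entry, top to bottom."""
    for ace in acl:
        if (ace["proto"] in ("ip", proto)
                and addr_matches(ace["src"], src_ip)
                and addr_matches(ace["dst"], dst_ip)):
            return ace["action"]
    return "deny"  # implicit deny at the end of every ACL

# The two entries from the task, in the order they were configured.
ACL_100 = [parse_ace(l) for l in (
    "access-list 100 deny icmp host 10.0.0.1 host 12.0.0.2",
    "access-list 100 permit ip any any",
)]
# Same entries in the opposite order: the broad permit shadows the deny.
ACL_REVERSED = list(reversed(ACL_100))

if __name__ == "__main__":
    for proto in ("icmp", "tcp"):  # ping is ICMP, Telnet runs over TCP
        print(proto, evaluate(ACL_100, proto, "10.0.0.1", "12.0.0.2"))
```

With the entries reversed, the ping from PC1 is permitted, because permit ip any any matches first and the deny entry is never reached.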