How to Apply ACLs on Interfaces Examples

By | 9th November 2015

On this page we describe how IP access control lists (ACLs) can filter network traffic. It also contains brief
descriptions of the IP ACL types, feature availability, and an example of use in a network.



We going to Configure standard access-list according to a given set of conditions.

Instructions:

1. Hosts on Router R3 should not be able to access hosts on R2.

2. Only host A on R1 can access hosts on R2.

3. All other communication is allowed. Use standard access lists with ACL 1.

4. Apply the access-list 1 on serial interfaces se0 and se1.

standard acls config

R2>enable
R2#configure terminal
R2(config)#access-list 10 deny 172.16.2.0 0.0.0.255
R2(config)#access-list 10 permit host 172.16.3.2
R2(config)#access-list 10 deny 172.16.3.0 0.0.0.255
R2(config)#access-list 10 permit any
R2(config)#interface se0
R2(config-if)#ip access-group 1 in
R2(config-if)#exit
R2(config)#interface se1
R2(config-if)#ip access-group 1 in
R2(config-if)#exit

With the above configuration, all hosts on Router3 are denied access to hosts on Router2, and a single IP address / host A from router1 is permitted access to router 2 while other addresses / hosts are denied access.

  Extended ACL Configuration

  Complex ACLs

  Dynamic or Lock-and-Key ACL Configuration

  Reflexive ACLs Configuration

Leave a Reply

Your email address will not be published. Required fields are marked *