Creating Standard IP Access Control Lists

1.) Plan the Placement of the ACL
    a.)Decide which router, interface and direction the ACL needs to be applied to.
    b.)Standard ACLs should be placed near the destination of the packets
    c.)Standard ACLs only match source ip addresses, so identify the source address in the direction required.

2.) Configure one or more ACLs to accomplish the proper configuration 
     a.)a list is searched sequentially, using first-match logic.
     b.)the default action if a packet does not match the ACL is to drop or discard the packet.

3.) Enable the ACL on chosen router in the correct direction using IN OUT interface subcommands.


I need to add all traffic from network below is what my ACL would look like.

R3#configure terminal
R3(config)#access-list 1 permit
R3(config)#interface s0/0
R3(config-if)#ip access-group 1 in

Breaking down the access-list command

access-list is simply the command
1 idenities that it is a standard ACL list ( values 1-99 and 1,300 - 1,999 are standard lists )
permit is the action mean to allow traffic specifies the source IP addresss \ Network ID of incoming traffic is a wild card mask allowing all traffic from the network to enter the network

No comments:

Post a Comment