Standard Access-list:
In Standard Access-list you can filter
source ip address or network address of a packet, it should be placed closest
to the destination. Standard ACl in not as much helpful as compared to Extended
Access-List.Standard ACL to be between 1-99 (IP Standard Access-List) and
1300-1999 (expanded Range).
To apply Standard IP Access-list following command is
used from global configuration mode:
Router(config)#Access-list [1-99] Number permit|deny SOURCE IP_ADDRESS WILDCARD_MASK
Let’s take an Example:
In this diagram we block 192.168.1.2 and 192.168.1.3 IP address
to access facebook.com and google.com we would to create the following
Access-list on Router 2:
R2 (config)#Access-list 10 deny host
192.168.1.2
Access-list 10 deny host 192.168.1.3
Access-list 10 permit any
To apply
this Access-List, we would configure the following on Router 2:
R2(config)#int gig0/0/0
R2(config-if)#ip access-group 10 out
To view IP Access-List configured on the Router:
R2(config)#show ip access-list
Hi. I’m Designer of Blog Magic. I’m CEO/Founder of ThemeXpose. I’m Creative Art Director, Web Designer, UI/UX Designer, Interaction Designer, Industrial Designer, Web Developer, Business Enthusiast, StartUp Enthusiast, Speaker, Writer and Photographer. Inspired to make things looks better.
Useful information
ReplyDelete