Extended ACL
Click here to load reader
-
Upload
cbtvid -
Category
Technology
-
view
607 -
download
0
Transcript of Extended ACL
![Page 1: Extended ACL](https://reader038.fdocuments.us/reader038/viewer/2022100600/55635ca3d8b42a734b8b4b7c/html5/thumbnails/1.jpg)
www.cbtvid.com
extended IP access lists•
Create named access lists•
Objectives
Extended ACL Page 1
![Page 3: Extended ACL](https://reader038.fdocuments.us/reader038/viewer/2022100600/55635ca3d8b42a734b8b4b7c/html5/thumbnails/3.jpg)
www.cbtvid.com
From TCP/IP Protocol Suite p.180 by Behrouz Forouzan McGrawHill
IP Packet
Extended ACL Page 3
![Page 4: Extended ACL](https://reader038.fdocuments.us/reader038/viewer/2022100600/55635ca3d8b42a734b8b4b7c/html5/thumbnails/4.jpg)
www.cbtvid.com
From TCP/IP Protocol Suite p.282 by Behrouz Forouzan McGrawHill
TCP Segment
Extended ACL Page 4
![Page 5: Extended ACL](https://reader038.fdocuments.us/reader038/viewer/2022100600/55635ca3d8b42a734b8b4b7c/html5/thumbnails/5.jpg)
www.cbtvid.com
Can filter by source IP address, destination IP address, protocol type, and application port number
•
Permit or deny a single type of IP protocol○
Filter by a particular port of a particular protocol
○
This granularity allows you to design extended IP access lists that:
•
Extended ACL
Extended ACL Page 5
![Page 6: Extended ACL](https://reader038.fdocuments.us/reader038/viewer/2022100600/55635ca3d8b42a734b8b4b7c/html5/thumbnails/6.jpg)
www.cbtvid.com
• Extended ACL must be configured on the router or firewall closest to the source
• Extended ACLs must be applied to the Interface closest to the source
EACL
Extended ACL Page 6
![Page 8: Extended ACL](https://reader038.fdocuments.us/reader038/viewer/2022100600/55635ca3d8b42a734b8b4b7c/html5/thumbnails/8.jpg)
www.cbtvid.com
Extended ACLs work in the third and forth layer of OSI Reference Model.
•
Extended ACLs work by checking the source and destination IP addresses and ports.
•
Summary
Extended ACL Page 8
![Page 9: Extended ACL](https://reader038.fdocuments.us/reader038/viewer/2022100600/55635ca3d8b42a734b8b4b7c/html5/thumbnails/9.jpg)
www.cbtvid.com
McQuerry, Stephen. (2008) Interconnecting Cisco Network Devices, Part 1 (ICND1): CCNA Exam 640-802 and ICND1 Exam 640-822, 2nd Edition Cisco Press ISBN: 978-1-58705-462-4
Kelly Cannon, Kelly Caudle ,Anthony V. Chiarella (2009) CCNA Guide to Cisco Networking Fundamentals, International Edition, 4th Edition ISBN-13:9780840031198
Reference
Extended ACL Page 9