
Access Control Lists (ACL)




An ACL is a set of rules that permits or denies traffic passing through a router.
It is a Layer 3 security mechanism that controls the flow of traffic from one router to another.
It is also called a packet-filtering firewall.
There are two types of ACL:
1. Standard ACL: Standard access control lists (ACLs) are the oldest type of access control list. Standard IP access lists permit or deny traffic based only on the source IP address of the IP datagram.
A standard access control list is created with the access-list IOS command.
Function:
The access list number range is 1-99.
Can block a network, host and subnet.
Two-way communication is stopped.
All services are blocked.
Implemented closest to the destination.
Filtering is based only on the source IP address.

2. Extended ACL: Extended access control lists allow you to permit or deny traffic from specific IP addresses to a specific destination IP address and port. They also allow you to specify different types of traffic, such as ICMP (Internet Control Message Protocol), TCP (Transmission Control Protocol) and UDP (User Datagram Protocol).
Function:
The access list number range is 100-199.
Can block a network, host, subnet and service.
One-way communication is stopped.
Selected services can be blocked.
Implemented closest to the source.
Checks source, destination, protocol and port number.
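
The following Python model is an added example, not part of the original post. It evaluates a standard and an extended ACL against the same packets to show why a source-only match blocks every service while an extended entry can block one. It goes beyond the text by modelling IOS wildcard masks, first-match ordering and the implicit deny at the end of every list; the ACL numbers 10 and 110, the addresses and the sample packets are constructed for illustration.

```python
import ipaddress

def wildcard_match(addr, base, wildcard):
    """Cisco wildcard match: bits set to 1 in the wildcard are ignored."""
    a, b, w = (int(ipaddress.IPv4Address(x)) for x in (addr, base, wildcard))
    return (a | w) == (b | w)

def evaluate(acl, packet):
    """Return the action of the first matching entry; unmatched traffic hits the implicit deny."""
    for entry in acl:
        if not wildcard_match(packet["src"], *entry["src"]):
            continue
        # Standard entries carry only "src"; the checks below apply to extended entries.
        if "dst" in entry and not wildcard_match(packet["dst"], *entry["dst"]):
            continue
        if entry.get("proto", "ip") not in ("ip", packet["proto"]):
            continue
        if "dport" in entry and entry["dport"] != packet.get("dport"):
            continue
        return entry["action"]
    return "deny"  # implicit "deny any" that ends every ACL

ANY = ("0.0.0.0", "255.255.255.255")
LAN = ("192.168.1.0", "0.0.0.255")   # constructed sample subnet

# access-list 10 deny 192.168.1.0 0.0.0.255
# access-list 10 permit any
STANDARD_10 = [
    {"action": "deny", "src": LAN},
    {"action": "permit", "src": ANY},
]

# access-list 110 deny tcp 192.168.1.0 0.0.0.255 host 10.0.0.5 eq 23
# access-list 110 permit ip any any
EXTENDED_110 = [
    {"action": "deny", "proto": "tcp", "src": LAN,
     "dst": ("10.0.0.5", "0.0.0.0"), "dport": 23},
    {"action": "permit", "proto": "ip", "src": ANY, "dst": ANY},
]

# Constructed sample packets
telnet = {"src": "192.168.1.20", "dst": "10.0.0.5", "proto": "tcp", "dport": 23}
http = {"src": "192.168.1.20", "dst": "10.0.0.5", "proto": "tcp", "dport": 80}
outside = {"src": "172.16.0.9", "dst": "10.0.0.5", "proto": "tcp", "dport": 23}

if __name__ == "__main__":
    for name, pkt in (("telnet", telnet), ("http", http), ("outside", outside)):
        print(name, evaluate(STANDARD_10, pkt), evaluate(EXTENDED_110, pkt))
```
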













