Standard Access-List

Last Updated : 03 Aug, 2022

Prerequisite - Access-lists (ACL)

An access-list (ACL) is a set of rules defined for controlling network traffic and reducing network attacks. ACLs filter traffic based on the rules defined for traffic entering or leaving the network.

Standard Access-list -
These are access-lists built using the source IP address only. These ACLs permit or deny the entire protocol suite. They don't distinguish between types of IP traffic such as TCP, UDP, HTTPS, etc. When the numbers 1-99 or 1300-1999 are used, the router treats the list as a standard ACL and the specified address as the source IP address.

Features -
- Standard access-list is generally applied close to the destination (but not always).
- In a standard access-list, the whole network or sub-network is denied.
- Standard access-list uses the range 1-99 and the extended range 1300-1999.
- Standard access-list is implemented using the source IP address only.
- If a numbered standard access-list is used, remember that rules can't be deleted. If one of the rules is deleted, the whole access-list will be deleted.
- If a named standard access-list is used, you have the flexibility to delete a rule from the access-list.

Note - Standard access-lists are used less than extended access-lists because the entire IP protocol suite is allowed or denied for the traffic; a standard access-list can't distinguish between different IP protocol traffic.

Configuration -
Here is a small topology with 3 departments: sales, finance, and marketing. The sales department has a network of 172.16.40.0/24, the finance department has a network of 172.16.50.0/24, and the marketing department has a network of 172.16.60.0/24. Now, we want to deny connections from the sales department to the finance department and allow others to reach that network.
First, configure a numbered standard access-list to deny any IP connection from the sales department to the finance department.

    R1# config terminal
    R1(config)# access-list 10 deny 172.16.40.0 0.0.0.255

Here, unlike an extended access-list, you cannot specify the particular IP traffic to be permitted or denied. Also note that a wildcard mask has been used (0.0.0.255, which corresponds to subnet mask 255.255.255.0). 10 is taken from the numbered standard access-list range.

    R1(config)# access-list 10 permit any

As you already know, there is an implicit deny at the end of every access-list, which means that traffic that doesn't match any rule of the access-list is dropped. Specifying any means that traffic from any source IP address will reach the finance department, except traffic that matches the rule made above.

Now, apply the access-list on the interface of the router:

    R1(config)# int fa0/1
    R1(config-if)# ip access-group 10 out

Recall that a standard access-list is generally applied close to the destination. Applying it close to the destination satisfies our need here as well, so it has been applied outbound on interface fa0/1.

Named standard Access-list example -
Now, considering the same topology, you will make a named standard access-list.

    R1(config)# ip access-list standard blockacl

This command creates an access-list named blockacl.

    R1(config-std-nacl)# deny 172.16.40.0 0.0.0.255
    R1(config-std-nacl)# permit any

Then apply it to the interface, as was done for the numbered access-list.

    R1(config)# int fa0/1
    R1(config-if)# ip access-group blockacl out

Standard access-list for Telnet example -
As you know, you cannot specify particular IP traffic to be denied in a standard access-list, but a telnet connection can be permitted or denied using a standard access-list by applying the access-list on the vty lines.
Here, in the given figure, you want to deny telnet to the Finance department from any network. The configuration for this:

    R1(config)# access-list 10 deny any
    R1(config)# line vty 0 4
    R1(config-line)# access-class 10 out
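The numbered access-list 10 from the configuration section, modeled in Python as an added example (not code from the original article): it shows how the wildcard mask is compared against the source address, that entries are checked top-down with the first match winning, and what the implicit deny does when the permit any line is missing. The function names and the sample host addresses are assumptions made for the illustration.

```python
import ipaddress

# Constructed inputs: the article's numbered ACL 10, and the same list with
# the "permit any" line left out to show the implicit deny.
ACL_10 = ["deny 172.16.40.0 0.0.0.255", "permit any"]
ACL_10_NO_PERMIT = ["deny 172.16.40.0 0.0.0.255"]


def parse_entry(entry):
    """Turn 'deny 172.16.40.0 0.0.0.255', 'permit host A' or 'permit any'
    into (action, address, wildcard) with both values as 32-bit integers."""
    action, *spec = entry.split()
    if action not in ("permit", "deny") or not spec:
        raise ValueError(f"not a standard ACL entry: {entry!r}")
    if spec == ["any"]:
        return action, 0, 0xFFFFFFFF          # every bit is "don't care"
    if spec[0] == "host" and len(spec) == 2:
        spec = [spec[1], "0.0.0.0"]           # every bit must match
    addr = int(ipaddress.IPv4Address(spec[0]))
    wild = int(ipaddress.IPv4Address(spec[1])) if len(spec) > 1 else 0
    return action, addr, wild


def evaluate(acl, source_ip):
    """Return 'permit' or 'deny' for a packet, looking at the source only.
    Entries are checked top-down and the first match wins."""
    src = int(ipaddress.IPv4Address(source_ip))
    for action, addr, wild in map(parse_entry, acl):
        care = ~wild & 0xFFFFFFFF             # wildcard 0-bits must match
        if (src & care) == (addr & care):
            return action
    return "deny"                             # implicit deny at the end


def report(acl, sources):
    """Map each source address to the ACL's decision."""
    return {ip: evaluate(acl, ip) for ip in sources}


if __name__ == "__main__":
    hosts = ["172.16.40.25", "172.16.60.7", "172.16.41.1"]  # constructed
    print(report(ACL_10, hosts))
    print(report(ACL_10_NO_PERMIT, hosts))
```

With the permit any entry removed, the marketing host is dropped as well, because the only explicit entry is a deny and everything else falls through to the implicit deny.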