Scribd
Upload
40 views2 pages

ACL Standard

This document provides instructions for configuring standard ACLs on a router to restrict data flow from one network to another. It describes creating an ACL on router R2 to deny traffic from host 192.168.1.2 and permit all other traffic, and applying it outbound on interface fa0/0. Testing shows ping requests from PC0 on network 192.168.1.0 to devices on 192.168.2.0 are unsuccessful, indicating the ACL is working as intended.

Uploaded by

Alireza Jafari
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
40 views2 pages

ACL Standard

This document provides instructions for configuring standard ACLs on a router to restrict data flow from one network to another. It describes creating an ACL on router R2 to deny traffic from host 192.168.1.2 and permit all other traffic, and applying it outbound on interface fa0/0. Testing shows ping requests from PC0 on network 192.168.1.0 to devices on 192.168.2.0 are unsuccessful, indicating the ACL is working as intended.

Uploaded by

Alireza Jafari
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 2

Configuring ACL (Access Control List)

In this lab you’ll be configuring and applying standard ACLs (1-99).


Standard ACLs are used to filter data based on source address and should
be applied as close to the destination as possible.

Create a topology like below:

Configure the IP address on interfaces and DHCP Pools for network


192.168.1.0 and 192.168.2.0 or R1 and R2 respectively.

Assign the IP address to end devices and configure routing on R1 and R2.
I have configured EIGRP 10 here.

Now, we will configure the ACL to restrict the data flow from PC0 to the
destination network 192.168.2.0

Use the commands below to create and apply the standard ACL on R2.

R2(config)#access-list 10 deny host 192.168.1.2


R2(config)#access-list 10 permit any
R2(config)#
R2(config)#interface fa 0/0
R2(config-if)#ip access-group 10 out
Telegram Channel for Jobs - https://t.me/nwopenings
Telegram Group for Discussions - https://t.me/pynetlabs
LinkedIn for Latest Updates - https://www.linkedin.com/company/pynetlabs
R2(config-if)#exit

Now, it’s time to verify if PC0 is able to communicate with the devices of
network 192.168.2.0 for which we’ll ping PC2/PC3 from PC0.

C:\>ping 192.168.2.2

Pinging 192.168.2.2 with 32 bytes of data:

Reply from 192.168.1.1: Destination host unreachable.


Reply from 192.168.1.1: Destination host unreachable.
Reply from 192.168.1.1: Destination host unreachable.
Reply from 192.168.1.1: Destination host unreachable.

Ping statistics for 192.168.2.2:


Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),

C:\>

We get ‘Destination host unreachable’ as a reply from our gateway through


which we can conclude that our ACL configuration was successful. Try
pinging PC2/PC3 from PC1 and you’ll be able to communicate because we
are permitting the traffic from rest of the users by using the command
‘access-list 10 permit any’.

You can check the details about access lists by running the command ‘show
access-lists’ in the enable mode of the router.

Telegram Channel for Jobs - https://t.me/nwopenings


Telegram Group for Discussions - https://t.me/pynetlabs
LinkedIn for Latest Updates - https://www.linkedin.com/company/pynetlabs

You might also like