Always create an ACL before applying it to the interface. When modifying or editing an ACL, always
remove the ACL from the interface, make the changes, and then reapply the ACL to the interface.
An outbound (egress) ACL applied to a router interface checks only for traffic traversing through the
router??”that is, traffic going through the router and not traffic originating from the router.
Types of Access Lists
Many types of ACLs can be configured in Cisco IOS. The following lists are the most commonly known and used:
Standard ACLs
Extended ACLs
IP named ACLs
Lock and key (Dynamic ACLs)
Reflexive ACLs
Established ACLs
Time-based ACLs using time ranges
Distributed time-based ACLs
Turbo ACLs
Receive ACLs
Infrastructure protection ACLs
Transit ACLs
Classification ACLs
Debugging traffic using ACLs
Standard ACLs
Standard ACLs are the oldest and one of the most basic types of ACLs. Standard ACLs inspect traffic by
comparing the source address of the IP packets to the addresses configured in the ACL. A standard ACL can be
defined to permit or deny specific source IP addresses only.
The command syntax format to define a numbered standard ACL is the following:
Code View:
access-list access-list-number {deny | permit} source [source-wildcard] [log]
The keyword log causes an informational logging message when the packet matches the access-list statement.
Pages:
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90