Types of Access Lists


By Dan DiNicolo, August 1st, 2006. Posted in CCNA Study Guide Chapter 09.




Cisco IOS supports two major types of access lists: standard and extended. Standard access lists provide basic filtering capabilities. For example, a standard IP access list allows only the source address of a packet to be used in filtering decisions. Extended access lists allow more granular filtering. For example, an extended IP access list allows packets to be filtered according to source address, destination address, protocol type, port numbers, and so forth. Whether to use a standard or an extended access list depends on what you are trying to accomplish.
For example, if you simply want to deny access to certain hosts based on their IP address, a standard IP access list would suffice. However, if your needs were more specific, and you wanted to block a certain group of hosts from accessing telnet on a particular server, an extended IP access list would be required.

In the Cisco IOS, access lists are identified numerically. This number not only uniquely identifies an access list, but also specifies the type of list, based on the numeric range it falls into. The list below outlines the numeric ranges associated with different types of access lists. Depending on the protocols supported by your IOS, the list may differ, but the number ranges remain the same.

1-99 IP standard access list
100-199 IP extended access list
200-299 Protocol type-code access list
300-399 DECnet access list
400-499 XNS standard access list
500-599 XNS extended access list
600-699 AppleTalk standard access list
700-799 AppleTalk extended access list
800-899 IPX standard access list
900-999 IPX extended access list
1000-1099 IPX SAP access list
1100-1199 Extended 48-bit MAC address access list
1200-1299 IPX summary address access list

Creating an access list with the number “87” would identify the list as an IP standard access list. The number “907” would identify an IPX extended access list. Access lists do not need to be numbered in any specific order – just be sure to give lists a unique number (in the proper range) that you’ll remember.
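
The two scenarios described above, written as Cisco IOS configuration. This is an added example, not part of the original tutorial; the addresses (documentation ranges), the extended list number 101 and the interface name are assumptions.

```cisco
! Constructed example: addresses are documentation ranges, and list
! number 101 and interface FastEthernet0/0 are assumptions.
!
! Standard IP access list (number 87, in the 1-99 range).
! It can match on source address only, so the listed host is
! blocked from everything behind the interface, not just one service.
access-list 87 deny host 192.0.2.10
! Every access list ends with an implicit "deny any"; without this
! line, all other sources would be dropped as well.
access-list 87 permit any
!
! Extended IP access list (number 101, in the 100-199 range).
! It matches protocol, source, destination and port, so it blocks only
! Telnet (TCP port 23) from the 198.51.100.0/24 hosts to one server.
access-list 101 deny tcp 198.51.100.0 0.0.0.255 host 203.0.113.5 eq telnet
access-list 101 permit ip any any
!
! An access list filters nothing until it is applied to an interface.
interface FastEthernet0/0
 ip access-group 101 in
```

After the list is applied, `show access-lists` displays each entry with its match counter, which confirms whether the deny line is being hit.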

Entire site Copyright © 1999-2007 2000Trainers.com, all rights reserved.
Content on this site may not be copied or reproduced in any way without permission.




