CCNA


Access List [ACL] tutorials

  • Routers use access lists to control incoming or outgoing traffic. They are an integral part of the Cisco security solution. An access list controls traffic passing through a router, but not traffic originating from the router itself.

Characteristics of an access list

  • Access lists describe the traffic type that will be controlled.

  • Access list entries identify either permitted or denied traffic.

  • Access list entries can describe a specific traffic type, or allow or restrict all traffic.

  • When created, an access list contains an implicit "deny" entry at the end of the list. This means that if a packet doesn't match the condition on any line of the access list, the packet is discarded.

  • Each access list applies only to a specific protocol.

  • Each router interface can have up to two access lists for each protocol, one for incoming traffic and one for outgoing traffic.

  • When an access list is applied to an interface, it identifies whether the list restricts incoming or outgoing traffic.

  • Each access list can be applied to more than one interface. However, each interface can only have one incoming and one outgoing list.

  • Access lists can be used to log traffic that matches the list statements.

  • When you create an access list, it automatically contains a "deny any" statement, although this statement does not appear in the list itself. For a list to allow any traffic, it must have at least one permit statement, either permitting a specific traffic type or permitting all traffic not specifically restricted.

  • There are two general types of access lists: standard (basic) and extended.

 

Standard Access List

  • A standard access list filters only on the source hostname or source host IP address. It doesn't distinguish any other information, such as the protocol in use (IP, UDP, Telnet).

<1-99> IP standard access List

<1300-1999> IP standard access List [expanded range]

 

Router# config terminal

Router(config)# access-list 10 deny 192.168.10.0 0.0.0.255

Router(config)# access-list 10 deny host 192.168.10.50

Router(config)# access-list 10 permit any

Router(config)# exit

Router# show access-list

 

  • The commands above create the access list, but it does nothing until it is applied. Now you have to assign it to an interface, as follows:

 

Router# config terminal

Router(config)# interface serial 0

Router(config-if)# ip access-group 10 out   [use "in" to restrict inbound traffic]

Router(config-if)# end

Router# show ip interface serial 0
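The following is an added example, not part of the original tutorial: a small Python model of how a standard access list is evaluated (top-down, first match wins, implicit deny at the end), using list 10 from this page. It also flags entries that an earlier line makes unreachable, and shows what happens when a subnet mask is typed where IOS expects a wildcard mask. The tuple layout and the test source addresses are constructed for illustration.

```python
import ipaddress

def _ip(s):
    return int(ipaddress.IPv4Address(s))

def _care(wildcard):
    # IOS wildcard mask: a 1 bit means "ignore this bit", so invert it.
    return ~_ip(wildcard) & 0xFFFFFFFF

def evaluate(acl, src):
    """Return (action, line) of the first matching entry, top-down."""
    for line, (action, base, wildcard) in enumerate(acl, 1):
        care = _care(wildcard)
        if (_ip(src) & care) == (_ip(base) & care):
            return action, line
    return "deny", None  # implicit "deny any" at the end of every list

def shadowed(acl):
    """Line numbers that can never match: an earlier entry covers them."""
    dead = []
    for j, (_, base_j, wc_j) in enumerate(acl):
        for _, base_i, wc_i in acl[:j]:
            ci, cj = _care(wc_i), _care(wc_j)
            # Earlier entry i covers j if it tests only bits j also tests
            # and the two entries agree on those bits.
            if (ci & ~cj) == 0 and (_ip(base_i) & ci) == (_ip(base_j) & ci):
                dead.append(j + 1)
                break
    return dead

# access-list 10 from this page; "host X" is X 0.0.0.0, "any" is 0.0.0.0 255.255.255.255
ACL_10 = [
    ("deny",   "192.168.10.0",  "0.0.0.255"),
    ("deny",   "192.168.10.50", "0.0.0.0"),
    ("permit", "0.0.0.0",       "255.255.255.255"),
]
# Same list with a subnet mask entered in the wildcard position on line 1
ACL_TYPO = [("deny", "192.168.10.0", "255.255.255.0")] + ACL_10[1:]

if __name__ == "__main__":
    for src in ("192.168.10.50", "192.168.20.7"):      # constructed test sources
        print("ACL_10  ", src, evaluate(ACL_10, src))
    print("no permit line:", evaluate(ACL_10[:2], "192.168.20.7"))
    print("unreachable lines in ACL_10:", shadowed(ACL_10))
    print("ACL_TYPO", "192.168.10.77", evaluate(ACL_TYPO, "192.168.10.77"))
```

With the subnet mask in the wildcard position, line 1 matches any address ending in .0 instead of the 192.168.10.0 subnet, so hosts in that subnet fall through to "permit any".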

 

Extended List

  • An extended access list can filter on the IP protocol (e.g. IP, TCP, UDP), the source hostname or host IP address, the source or destination socket (port) number, the destination hostname or host IP address, etc.

<100-199> IP Extended Access List

<2000-2699> IP Extended Access List [expanded range]

 

 

Router# config terminal

Router(config)# access-list 110 permit tcp 192.168.10.0 0.0.0.255 any

Router(config)# access-list 110 deny tcp 192.168.20.0 0.0.0.255 any eq 21

Router(config)# exit

 

  • The commands above create the access list, but it does nothing until it is applied. Now you have to assign it to an interface, as follows:

 

Router# config terminal

Router(config)# interface serial 0

Router(config-if)# ip access-group 110 out   [use "in" to restrict inbound traffic]

Router(config-if)# end

Router# show ip interface serial 0

  • Named access list: technically there are only two types of ACL, standard and extended. Named access lists are created differently, but functionally they are the same.

