An access control list (ACL), with respect to a computer file system, is a list of permissions attached to an object. An ACL specifies which users or system processes are granted access to objects, as well as what operations are allowed on given objects. Each entry in a typical ACL specifies a subject and an operation.
Access lists are applied in one of two directions:
Inbound—Data flows toward router interface.
Outbound—Data flows away from router interface.
Cisco routers can identify access lists using two methods:
Access list number (All IOS versions)—The number of the access list determines what protocol it is filtering:
(1-99) and (1300-1399)—Standard IP access lists.
(100-199) and (2000-2699)—Extended IP access lists.
(800-899)—Standard IPX access lists.
Access list name (IOS versions > 11.2)—You provide the name of the access list:
Names contain alphanumeric characters.
Names cannot contain spaces or punctuation and must begin with an alphabetic character.
Cisco routers also support two basic types of IP access lists:
Standard—Filter IP packets based on the source address only.
Extended—Filter IP packets based on several attributes, including protocol type, source and destination IP addresses, source and destination TCP/UDP ports, ICMP and IGMP message types.
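The difference between the two types is easiest to see by running the same traffic through both. The following is an added example, not code from the original post or from Cisco: a simplified Python model in which the names `Packet`, `Entry`, `acl_type` and `evaluate` are hypothetical, networks are written in CIDR form instead of IOS wildcard masks, and unmatched packets fall through to the implicit deny that ends every IOS access list.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional

@dataclass(frozen=True)
class Packet:
    proto: str
    src: str
    dst: str
    dport: Optional[int] = None

@dataclass(frozen=True)
class Entry:
    action: str                   # "permit" or "deny"
    src: str                      # source network (CIDR, an assumption of this model)
    proto: Optional[str] = None   # extended lists only
    dst: Optional[str] = None     # extended lists only
    dport: Optional[int] = None   # extended lists only

def acl_type(number: int) -> str:
    """Map an access list number to its type using the ranges listed above."""
    if 1 <= number <= 99 or 1300 <= number <= 1399:
        return "standard"
    if 100 <= number <= 199 or 2000 <= number <= 2699:
        return "extended"
    raise ValueError(f"{number} is not an IP access list number")

def evaluate(number: int, entries: list, pkt: Packet) -> str:
    """Return the action of the first matching entry, else the implicit deny."""
    extended = acl_type(number) == "extended"
    for e in entries:
        if not extended and any(v is not None for v in (e.proto, e.dst, e.dport)):
            raise ValueError("a standard list can test the source address only")
        if ip_address(pkt.src) not in ip_network(e.src):
            continue
        if extended and not (
            e.proto in (None, "ip", pkt.proto)
            and (e.dst is None or ip_address(pkt.dst) in ip_network(e.dst))
            and (e.dport is None or e.dport == pkt.dport)
        ):
            continue
        return e.action
    return "deny"

# Constructed sample lists and packets (documentation address ranges).
STANDARD_10 = [Entry("permit", "192.0.2.0/24")]
EXTENDED_110 = [Entry("permit", "192.0.2.0/24", "tcp", "198.51.100.10/32", 443)]
WEB = Packet("tcp", "192.0.2.7", "198.51.100.10", 443)
SSH = Packet("tcp", "192.0.2.7", "198.51.100.10", 22)
```

List 10 permits both `WEB` and `SSH` because it sees only the source address, while list 110 permits `WEB` and drops `SSH`.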