5.4 ACL

In networking, ACLs (Access Control Lists) are rules used to control the flow of traffic into or out of a network. They’re used mainly on routers, switches, and firewalls to filter traffic based on specified conditions.

🔐 What an ACL Does

An ACL defines what kind of traffic is allowed or denied. Each rule in the list checks packet attributes like:

• Source IP address
• Destination IP address
• Port numbers (e.g., TCP/UDP ports)
• Protocol (e.g., TCP, UDP, ICMP)

📋 Types of ACLs

1. Standard ACL

   • Filters only by source IP address
   • Example: Allow traffic from 192.168.1.0/24

2. Extended ACL

   • Filters by source/destination IP, ports, and protocol
   • More precise control
   • Example: Allow HTTP traffic from 192.168.1.0/24 to 10.0.0.0/24

3. Named ACL

   • Same as standard/extended but uses a name instead of a number

⚙️ Where ACLs Are Applied

• Inbound: Before the router processes the packet
• Outbound: After processing, before forwarding

✅ Example (Cisco-style)

access-list 100 permit tcp 192.168.1.0 0.0.0.255 any eq 80

This allows HTTP (TCP port 80) traffic from 192.168.1.0/24 to any destination.

IMPORTANT

ACLs are like traffic bouncers. They check the packet “ID” and decide whether to let it in or kick it out.

1. Standard ACL

Play

ACL - 01

Play

ACL - 02

Play

ACL - 02

Types of ACL Various types of IP Access Control Lists (ACLs) and how they can filter network traffic.

Wildcard Bits Explained When you are studying Cisco and access-lists you will encounter the so-called Wildcard Bits.

2. Extended ACL

Play

Extended ACL - 01

Play

Extended ACL - 02

Configuring Extended ACLs (Access Lists) To be more precise when matching a certain network traffic, extended access lists are used.