Cisco Basics: Access Lists

Access lists allow you to group network objects such as IP addresses, services or users and act upon that information. They are most commonly used to permit or deny certain types of traffic, though they are also used for a variety of other things (filtering out routes, for example).

Cisco IOS routers and switches have two types of access control list:

  • Standard
    Can only filter based on source IP address
  • Extended
    Can filter based on source or destination IP address, or certain Layer-4 protocols such as TCP or UDP

Access control lists (ACLs) can be configured as either numbered or named. Numbered ACLs cannot be edited once created. To alter a numbered ACL, it must be removed and re-created. Named ACLs can be modified after creation.
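
The two ACL types and the two ways of changing them, shown as an added IOS configuration example that is not part of the original post. The ACL name WEB-IN, the interface and all addresses (documentation ranges) are constructed for illustration.

```cisco
! Standard ACL, numbered (1-99): matches on source IP address only
access-list 10 permit 192.0.2.0 0.0.0.255
!
! Extended ACL, named: matches source, destination and Layer-4 protocol/port
ip access-list extended WEB-IN
 permit tcp any host 198.51.100.10 eq 443
 permit udp 192.0.2.0 0.0.0.255 host 198.51.100.53 eq 53
 ! Every ACL ends in an implicit deny; stating it with "log" makes drops visible
 deny ip any any log
!
! Apply the named ACL inbound on an interface (interface name is an assumption)
interface GigabitEthernet0/1
 ip access-group WEB-IN in
!
! Changing the numbered ACL as described above: remove it, then re-create it
no access-list 10
access-list 10 permit 192.0.2.0 0.0.0.127
!
! Changing the named ACL in place: entries are sequenced 10, 20, 30 by default,
! so one entry can be deleted and another inserted between existing lines
ip access-list extended WEB-IN
 no 20
 15 permit tcp any host 198.51.100.10 eq 80
```

If ACL 10 is applied to an interface, the interval between `no access-list 10` and re-creating it leaves the interface referencing an undefined list, which IOS treats as permitting all traffic. Check the result with `show access-lists` after either kind of change.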
