Access lists allow you to group network objects such as IP addresses, services or users and act upon that information. They are most commonly used to permit or deny certain types of traffic, though they are also used for a variety of other things (filtering out routes, for example).
Cisco IOS routers and switches have two types of access control list:
- Standard
  Can only filter based on source IP address
- Extended
  Can filter based on source or destination IP address, or certain Layer-4 protocols such as TCP or UDP
When configuring access control lists (ACLs), they can be configured as either numbered or named. Numbered ACLs cannot be edited once created. To alter a numbered ACL, it must be removed and re-created. Named ACLs can be modified after creation.
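
The following IOS configuration is an added example, not part of the original page. It shows a numbered standard ACL being changed by removal and re-creation, and a named extended ACL being modified in place. The ACL number, the name WEB-IN, the interface and the addresses (documentation ranges 192.0.2.0/24 and 198.51.100.0/24) are constructed for illustration.

```cisco
! --- Numbered standard ACL: matches on source address only ---
access-list 10 permit 192.0.2.0 0.0.0.255
!
! To change it, remove the whole list and create it again.
! While the list does not exist, an interface that still references it
! filters nothing, so make this change in a maintenance window or
! detach the ACL from the interface first.
no access-list 10
access-list 10 permit 192.0.2.0 0.0.0.127
!
! --- Named extended ACL: source, destination and Layer-4 protocol ---
ip access-list extended WEB-IN
 permit tcp 192.0.2.0 0.0.0.255 host 198.51.100.10 eq 443
 deny ip any any log
!
! Entries are numbered 10, 20, ... by default. A named ACL can be
! modified after creation: insert a new entry between the existing
! two by giving it sequence number 15.
ip access-list extended WEB-IN
 15 permit tcp 192.0.2.0 0.0.0.255 host 198.51.100.10 eq 22
!
! Remove a single entry by its sequence number; the rest stay in place.
ip access-list extended WEB-IN
 no 15
!
! Apply the named ACL to inbound traffic on an interface.
interface GigabitEthernet0/1
 ip access-group WEB-IN in
```

After each change, `show access-lists` lists the entries with their sequence numbers and match counters, which confirms both the resulting order and that the explicit final deny is still the last entry.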