Wednesday, 6 March 2019
ACL in Router (Access Control List)
ACL (Access Control List)
An ACL is used to set an additional level of security on the router.
An ACL is a security control that is set on a router port.
ACL statements are of two types in the router:
a. Permit
b. Deny
c. Both statements must be set in the router.
If Permit or Deny is used for a network, use a wildcard mask (the opposite of the subnet mask).
ACLs are of two types:
a. Standard ACL (1-99)
b. Extended ACL (99-1999)
Standard ACL
A standard ACL filters on the source but is applied at the destination.
Its range is 1-99.
An ACL is applied on a router interface port. Packet transfer on a port is of two types:
A. Incoming
B. Outgoing
An ACL is set on the incoming and outgoing ports of the router.
How to configure
First Diagram
Basic configuration and clock rate
Go to the first router in CLI mode and type:
Router>en
Router#conf t
Router(config)#int s0/0
Router(config-if)#ip address 192.168.30.1 255.255.255.0
Router(config-if)#no shut
Router(config-if)#clock rate 64000
Router(config-if)#exit
Router(config)#int f0/0
Router(config-if)#ip address 192.168.10.1 255.255.255.0
Router(config-if)#no shut
Router(config-if)#exit
Go to the second router in CLI mode:
Router>en
Router#conf t
Router(config)#int s0/0
Router(config-if)#ip address 192.168.30.2 255.255.255.0
Router(config-if)#no shut
Router(config-if)#exit
Router(config)#int f0/0
Router(config-if)#ip address 192.168.20.1 255.255.255.0
Router(config-if)#no shut
Router(config-if)#exit
Now routing with RIP
On the first router:
Router(config)#router rip
Router(config-router)#network 192.168.10.0
Router(config-router)#network 192.168.30.0
Router(config-router)#exit
On the second router:
Router(config)#router rip
Router(config-router)#network 192.168.30.0
Router(config-router)#network 192.168.40.0
Router(config-router)#network 192.168.50.0
Router(config-router)#exit
Now use the access list
First, make the access list.
The access list is made on the opposite router. For example, in this case the IP to deny is on Router 2, so go to the first router and type the command:
access-list <number between 1-99> <deny or permit> host <ip>
Go to the first router:
Router(config)#access-list 10 deny host 192.168.40.1 → denies one IP address
Router(config)#access-list 10 permit any → allows all networks
Now apply it to a port of the router.
In this case, go to the incoming port:
Router(config)#int s0/0
Router(config-if)#ip access-group 10 in
Router(config-if)#exit
Now test
Go to the first router and ping all the IPs of the second router:
192.168.40.1 ------ Deny
All others (192.168.1.50.1, 40.1, 30.1) ---- Allow
As shown in picture
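The matching rules behind access-list 10 above, as an added example that is not part of the original post: a small Python model of how a standard ACL is evaluated (entries checked top-down, wildcard mask as the inverse of the subnet mask, implicit deny at the end). The function names and the 192.168.40.0/24 variant are constructed for illustration.

```python
import ipaddress

def wildcard_from_netmask(netmask):
    """Wildcard mask is the bitwise inverse of the subnet mask."""
    inverted = int(ipaddress.IPv4Address(netmask)) ^ 0xFFFFFFFF
    return str(ipaddress.IPv4Address(inverted))

def parse_entry(line):
    """Parse 'access-list N permit|deny <any | host A | A [WILDCARD]>'."""
    tok = line.split()
    if len(tok) < 4 or tok[0] != "access-list" or not 1 <= int(tok[1]) <= 99:
        raise ValueError("not a standard ACL entry (1-99): " + line)
    action, src = tok[2], tok[3:]
    if action not in ("permit", "deny"):
        raise ValueError("action must be permit or deny: " + line)
    if src == ["any"]:
        addr, wild = "0.0.0.0", "255.255.255.255"   # every bit ignored
    elif src[0] == "host":
        addr, wild = src[1], "0.0.0.0"              # every bit must match
    else:
        addr, wild = src[0], (src[1] if len(src) > 1 else "0.0.0.0")
    return action, int(ipaddress.IPv4Address(addr)), int(ipaddress.IPv4Address(wild))

def evaluate(acl_lines, source_ip):
    """Return 'permit' or 'deny' for a packet's source address."""
    src = int(ipaddress.IPv4Address(source_ip))
    for line in acl_lines:                  # entries are checked top-down
        action, addr, wild = parse_entry(line)
        care = wild ^ 0xFFFFFFFF            # wildcard 0-bits are compared
        if src & care == addr & care:
            return action                   # first match wins
    return "deny"                           # implicit deny at the end of the list

# The list configured in the post.
ACL_10 = ["access-list 10 deny host 192.168.40.1",
          "access-list 10 permit any"]
# Constructed variant (assumption): deny the whole 192.168.40.0/24 network.
ACL_NET = ["access-list 10 deny 192.168.40.0 " + wildcard_from_netmask("255.255.255.0"),
           "access-list 10 permit any"]

if __name__ == "__main__":
    for ip in ("192.168.40.1", "192.168.40.2", "192.168.30.2"):
        print(ip, evaluate(ACL_10, ip), evaluate(ACL_NET, ip))
```

Dropping the permit any line sends every non-matching source to the implicit deny, which is why the post adds it after the deny entry.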
Extended ACL
An extended ACL permits or denies by IP address or port; it is also applied on the destination port.
PRACTICAL
DIAGRAM