Cisco Access Control List (ACL) Samples
By Joshua Erdman
Digital Foundation, inc.
Reusing our example:
Assumptions:
internal network: 63.36.9.0
access-list 101 - Applied to traffic leaving the office (outgoing)
access-list 102 - Applied to traffic entering the office (incoming)
Permit Employees to Web Browse
access-list 101 permit tcp 63.36.9.0 0.0.0.255 any eq 80
access-list 101 permit tcp 63.36.9.0 0.0.0.255 any eq 443
Permit incoming traffic for an established connection - You will always need this line if
you plan to filter incoming packets.
access-list 102 permit tcp any 63.36.9.0 0.0.0.255 established
Permit incoming ICMP Ping Requests and incoming response
!Configure ICMP messages (echo:8, echo-reply:0, Dest unreach:3, TTL Exceeded:11)
access-list 102 permit icmp any any echo
access-list 102 permit icmp any any echo-reply
Permit Outgoing ICMP Ping Requests
!Configure ICMP messages (echo:8, echo-reply:0, Dest unreach:3, TTL Exceeded:11)
access-list 101 permit icmp any any echo
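Why the "established" line is needed once incoming packets are filtered, shown with a small Python model of access-list 102. This is an added example, not part of the original article and not Cisco code: the evaluator is a simplified model (first match wins, wildcard masks, implicit deny at the end), and the sample packets and the 203.0.113.10 address are constructed.

```python
import ipaddress

# ACL 102 as given on this page (applied to traffic entering the office).
ACL_102 = """\
access-list 102 permit tcp any 63.36.9.0 0.0.0.255 established
access-list 102 permit icmp any any echo
access-list 102 permit icmp any any echo-reply
"""

def take_addr(tok):
    """Pop 'any' or 'address wildcard' off tok; return (address, wildcard) as ints."""
    n = 1 if tok[0] == "any" else 2
    words, tok[:] = tok[:n], tok[n:]
    return (0, 0xFFFFFFFF) if n == 1 else tuple(int(ipaddress.IPv4Address(w)) for w in words)

def parse_acl(text):
    rules = []
    for line in text.splitlines():
        tok = line.split()
        if tok[:1] != ["access-list"]:
            continue  # skip "!" comment lines and blanks
        action, proto, rest = tok[2], tok[3], tok[4:]
        src, dst = take_addr(rest), take_addr(rest)
        rules.append((action, proto, src, dst, rest))  # rest: trailing qualifier, if any
    return rules

def addr_match(ip, spec):
    addr, wild = spec
    # Wildcard bits set to 1 are "don't care"; every other bit must be equal.
    return ((int(ipaddress.IPv4Address(ip)) ^ addr) & ~wild & 0xFFFFFFFF) == 0

def evaluate(rules, pkt):
    """First matching line wins; a packet that matches no line hits the implicit deny."""
    for action, proto, src, dst, opts in rules:
        if proto != pkt["proto"]:
            continue
        if not (addr_match(pkt["src"], src) and addr_match(pkt["dst"], dst)):
            continue
        # 'established' is stateless: it matches any segment with ACK or RST set.
        if opts == ["established"] and not {"ACK", "RST"} & pkt.get("flags", set()):
            continue
        if proto == "icmp" and opts and pkt.get("icmp_type") != opts[0]:
            continue
        return action
    return "deny"

# Constructed sample packets (203.0.113.10 is a documentation address).
WEB_REPLY = {"proto": "tcp", "src": "203.0.113.10", "dst": "63.36.9.25", "flags": {"SYN", "ACK"}}
NEW_INBOUND = {"proto": "tcp", "src": "203.0.113.10", "dst": "63.36.9.25", "flags": {"SYN"}}
```

With the first line removed, evaluate() returns "deny" for WEB_REPLY, so replies to the employees' web requests never get back in. Incoming UDP matches no line of access-list 102 and is also dropped by the implicit deny.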
Article last reviewed: 03/23/2005
Created by: Digital Foundation, inc.
Copyright © 2002-2005 Digital Foundation, inc.
www.networkclue.com