Extended ACL Configuration Example

Extended acl with packet tracer

Packet Tracer Extended Access Lists Configuration

In this lesson we will focus on Extended Access Lists Configuration with Cisco Packet Tracer. We will use the below topology for our packet tracer configuration.

Extended acl with packet tracer


You can DOWNLOAD the Cisco Packet Tracer example with .pkt format at the End of This Lesson.


Like Standard ACL configuration example, we will use one router, one destination server and 3 PCS in common. The switches in the topology will onlu used for port need.

Extended ACLs are a little complex if we compare with Standard ACLs. With Extended ACLs, we can restrict or allow specific things like destination, protocol or port.

In this Extended ACL example, we will allow/deny ICMP protocol through the server. As you know, ICMP is ping protocol. Here, PC0 and PC1 will be allowed and PC2 will be denied.

Extended Access-List Configuration

Let’s start to configure router for our Extended ACL.

For Extended ACLs, we can use Extended Access-List Number range 100 to 199. Here, we will use 100.

Router # configure terminal
Router (config)# ip access-list extended 100 
Router (config-ext-nacl)# permit  icmp  10.0.0.0  0.0.0.3 host 20.0.0.5
Router (config-ext-nacl)# deny  icmp host 10.0.0.5 host 20.0.0.5 host-unreachable
Router (config-ext-nacl)# end
Router # copy run start

You can also DOWNLOAD all the Packet Tracer examples with .pkt format in Packet Tracer Labs section.


We're Sorry!
Full Access is for only IPCisco Crew...
With IPCisco Membership, You Can Access:
• All Certification Courses (Cisco, Juniper, Nokia and Huawei),
• Thousands of Questions (Lesson Quizes and Special Quiz Section),
• Carieer Consultancy, CV/Resume Check, Career Advice Meeting,
• Cheat Sheets, Job Interview Trainings, Network Tools,
You will be Member of a Big IPCisco Community,
You will Learn Network Lessons with Always,
New And Different Learning Styles!
We are waiting for you!

Lesson tags: ACL, access-list, Extended ACL
Back to: CCIE > Access-Lists (ACLs)

Leave a Reply

Your email address will not be published. Required fields are marked *




CCIE