Standard ACL Configuration With Packet Tracer

standard acl configuration packet tracer

Standard Access List Configuration With Packet Tracer

In this lsson we will see the Standard Access-List and how to configure Standart Access-List in Packet Tracer.
There are three types Access Lists in common. Thse access list types are :

– Standard Access List
– Extended Access List
– Named Access List


You can DOWNLOAD the Cisco Packet Tracer example with .pkt format at the End of This Lesson.

Standard Access-Lists are the simplest one. With Standard Access-List you can check only the source of the IP packets. On the other hand, with Extended Access-Lists, you can check source, destination, specific port and protocols. Lastly, with Named Access-Lists, you can use names instead of the numbers used in standard and extended ACLs. It do not have too much difference, but it is different with its named style.

In this lesson, we will focus on Standart Access-List Configuration with Cisco Paket Tracer. We will focus on the below topology.

standard acl configuration packet tracer

Here, with our Standard Access-List, we will prohibit PC2 to access the server. But PC0 and PC1 can still access the server.

For our Standard Access-List, we can use the ACL Number 1 to 99. These numbers can be 100 to 199, if you use extended ACLs.

Standard Access-List Configuration

Let’s start to write Standard Access-List. We will configure the Standard Access-List on router .

Router # configure terminal
Router (config)# ip access-list standard 1 
Router (config-std-nacl)# permit  10.0.0.2  0.0.0.0
Router (config-std-nacl)# permit  10.0.0.3  0.0.0.0

With this ACL configuration that we have written, we permit PC0 and PC1 to access the server. At the end of ACLs, there is an “Implicit Deny”. These Implicit Deny, prohibits the other IP addresses. Because of the fact that we did not, allow PC2’s IP address, it is autoamtically denied and can not access the server.

Here, there is no need to write but to show how to write deny, I will write the deny command also. As Is aid before, for this scenario, it is not necesary. But, you can write.

Router (config-std-nacl)# deny  10.0.0.4  0.0.0.0
Router (config-std-nacl)# end
Router #  copy run start

Applyin Standard Access-List to the Interface

After creating ACLs, we need to apply this ACL to the interface. For Standard Access-List, it is better to apply this ACL, close to the destination. So, for this configuration, we will apply our standard acceess list to the fastethernet 0/1 interface of the router.In other words, we will add ACL to the server face of the router.

We're Sorry!

Full Access is for only IPCisco Crew...

With IPCisco Membership, You Can Access:

• All Certification Courses (Cisco, Juniper, Nokia and Huawei),
• Thousands of Questions (Lesson Quizes and Special Quiz Section),
• Carieer Consultancy, CV/Resume Check, Career Advice Meeting,
• Cheat Sheets, Job Interview Trainings, Network Tools,
You will be Member of a Big IPCisco Community,
You will Learn Network Lessons with Always,
New And Different Learning Styles!
We are waiting for you!

Lesson tags: ACL, access-list, Standard ACL
Back to: CCIE > Access-Lists (ACLs)

Comments are closed.




CCIE