Register now or log in to join your professional community.
Extended ACLs allow protocols as well as ports and services to be specified and applied to both networks and individual IP addresses.
The example below of an Extended ACL will permit all hosts on the network to connect to WWW services, but only allow the host with IP address .1.1.5 to connect to external SSH services. All other types of traffic originated by all hosts are denied by the implicit deny present at the end of all basic as well as extended ACLs:
Router(config)# ip access-list extended testextacl
Router(config-ext-nacl)# permit tcp any any eq www
Router(config-ext-nacl)# permit tcp host.1.1.5 any eq ssh
Router(config-ext-nacl)# exit
Hope this helps :)
In general ACLs (Access-Control Lists) are mainly used to filter packets going through a router. There are two types ACLs.
1. Standard ACL - In this filtering a packet is based on source IP address only.
2. Extended ACL- In this we can filter packets based on their source & destination IP , Protocol, and Port number (TCP/UDP).
Standard ACL only filters traffic based on the 'source' IP address. That means any traffic coming from the source address specified in the standard access-list will be just permitted or denied based on the conditions that are set.
Extended ACLS can filter based on more criterias such as source/destination/ports/protocols/applications..etc. This means that you have more granular control over the access-list, for example you can deny just telnet sessions from a source IP address and you can allow everything else, or you can permit just FTP sessions to a particular destination IP address and deny everything else..etc
We Offer personalized service for all your financial needs at a very low interest rate of 2% Interest rate, I Offer Personal Loans, Debt Consolidation Loan, Venture Capital, Business Loan, Educational Loan, Home Loan, and Loan for any reason and urgent needs!. with a maximum duration of 30 years.We uphold Professional Excellence, our definition of excellence lies in; Outstanding Customer Service, Affordable Payment & Repayment Plans, Fast & Easy Process.If you are interested in benefiting from this ample opportunity kindly reply for more information.We await your response.CONTACT EMAIL:skype: hassan.araman