Start networking and exchanging professional insights

Register now or log in to join your professional community.

Follow

What is the difference between Standard ACL and Extended ACL?

user-image
Question added by Sajjad Haider Abbasi , Sr. Manager NOC & Support , Global Connect Synergy
Date Posted: 2014/01/14
Mohammed Abdelrazek Mohammed
by Mohammed Abdelrazek Mohammed , Network Engineer , Intigral - STC

standard IP access list provides basic packet filteringabilities, based on the source IP address of a packet onlyExtended IP access lists allow filtering not onlyon source addresses, but also on destination addresses,protocols, and even applications, based on their portnumber

Tarek Mabrouk  Menshawy
by Tarek Mabrouk Menshawy , Network and Security Head , CICAPITAL

Standard Access List Can match based on source IP address, but Extended ACL can match based on source and destination IP address and port number plus protocol number

Configuring Standard ACLs

access-list access-list-number {permit|deny} {host|source source-wildcard|any}

 

access-list-number  from1 to99. In Cisco IOS Software Release12.0.1, standard ACLs begin to use additional numbers (1300 to1999).

 

Configuring  Extended ACLs

 

access-list access-list-number {deny | permit} protocol source source-wildcard destination destination-wildcard[precedence precedence] [tos tos] [fragments] [time-range time-range-name] [dscp dscp]

 

 

The access-list-number is a decimal number from100 to199 or2000 to2699.

 

Amgad Reyad
by Amgad Reyad , Senior Systems Engineer , TVTC - Office of Support & Quality Control at Najran Region, KSA

Standard ACL takes numbers from1-99 permit or deny ip or network Extended ACL takes numbers from100-199 petmit or deny port or program from specific ip

Saqib Mehmood
by Saqib Mehmood , Technical Team Lead/Safety Supervisor , Xchange Technology Group

Standard ACLs provides basic packet filtering in which match is based on only source IP address.

Extended ACLs allows filtering not only on source address but also on destination addresses, protocol type and source and destination port numbers

sanal sukumaran
by sanal sukumaran , DESKTOP ENGINEER , Tech Mahindra

standard acess list:-

standard acl is used for full blocking or full permiting and the identifying number range from1-99...and its extended range is

extended acess list:-

in extended acess list we can block or permit partially.it works in layer3 and4.

its range is100-199 and its extended range is

 

Muntasir Billah
by Muntasir Billah , Support Engineer , 3Net Technology

standard ACL means its block the specific series of IP from another IP block of a gateway.for example a series of ip is192.168.1.x is block want to block the192.168.2.x series fro not browsing or minitoring.thats block is called standard ACL.

 

Extended ACL means to block a host by sepcific ip address under a application for example webbrowsing from webserver .that time its can be applicable.

Eyad AL Amarat
by Eyad AL Amarat , System Administrator , Electrical Government Authority

ACL extended is more boundary than standard

NIMIL BABU
by NIMIL BABU , NOC ENGINEER , SERVSYS CORPORATION

Standard ACLs provides basic packet filtering in which match is based on only source IP address.The Basic Filtering process will be only carried through it.

Extended ACLs allows filtering not only on source address but also on destination addresses, protocol type and source and destination port numbers.The ser needed ACL's which the permit and deny of needed will be carried on this

Faisal Bin Ruqush
by Faisal Bin Ruqush , محلل نظم معلومات , الشركة السعودية للكهرباء

 

A standard ACL can permit or deny trafiic based only on the source address(s). takes numbers1-99

 

An extended ACL can permit or deny traffic based on both the source and destination address(s) as well as tcp/udp/icmp trafic types. Takes numbers100-199

 

mohammed akram
by mohammed akram , Network Enginee , Digital Oasis Information Technology company

acl is used1 -99 no for assign the acl list where as extended uses100 -199 for extended .

apart from that acl for the ip address where as extended uses blocking perticular protocol like , www,ftp, snmp. like wise . perticular service blocking by extended acl .

Asim Ali
by Asim Ali , SAP HCM Support Officer , Al Tilal Steel Company Limited

The main difference between Standard and Extended ACL is1-to-many traffic filtering.

As standard can only works on either source IP or destination IP, suggested to make as close as to destination IP.

Extended works on both source and destination IP as well as on some other aspects like protocols, ports they even make logs too.

More Questions Like This