Access List

                                       Access control list

Access list manage IP traffic as n/w access grow.

Access list control flow of data entering/exiting router port.

Access list filter data packet as they enter/exit router port.

Access list filter packet on basis of layer 3 and above the information.

Access list filter data packet only, its does not work for control packet.

Permit or deny packet moving through the router interface.

Permit or deny VTY access from router.

Its improve n/w performance.

                                     Types of Access list

Standard ACL-

It filter packet on basis of Source address, its permit or deny entire protocol suite.

Range – 1 to 99 & 1300 to 1999.

Extended ACl-

It filter packet on basis of Source address, Destination address, Port nos & Protocol. It’s also Permit or deny traffic.

Range – 100 to 199 & 2000 to 2699

  

Dynamic (Lock-and-key) Access Control Lists-

Its used to block user traffic until the user telnet to the router.

Dynamic Access List is based on Extended ACL which starts with an entry that blocks traffic through the router.

Reflexive access lists-

Its allow IP packets to be filtered based on upper-layer session information.

Reflexive access lists to permit IP traffic for sessions originating from within your network but to deny IP traffic for sessions originating from outside your network.