Access Control Lists (ACLs) are ordered sets of rules configured on a router or switch and applied to an interface to filter traffic. Each rule permits or denies packets based on source IP address, destination IP address, port numbers, and protocol.
Types of ACLs
1. Standard ACLs (1-99, 1300-1999)
- Filter based on source IP address only.
- Should be placed as close to the destination as possible.
2. Extended ACLs (100-199, 2000-2699)
- Filter based on source IP, destination IP, protocol, and port.
- Should be placed as close to the source as possible.
Wildcard Masks
ACLs use wildcard masks to define the scope of the address match. A 0 bit means "match this bit exactly", and a 1 bit means "ignore this bit".
- Host 192.168.1.1 -> 0.0.0.0
- Subnet 192.168.1.0/24 -> 0.0.0.255
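An added example, not part of the original page, showing how the wildcard matching described above works bit by bit and how it plugs into a standard ACL. It derives the wildcard for a CIDR prefix, tests an address against a base/wildcard pair, and evaluates a small standard ACL the way Cisco IOS does (top-down, first match wins, implicit deny when nothing matches). The function names and the sample ACL are constructed for this illustration.

```python
import ipaddress

ALL_ONES = 0xFFFFFFFF


def wildcard_from_prefix(prefix_len: int) -> str:
    """Wildcard mask for a CIDR prefix length: the bitwise inverse of the subnet mask.
    /24 -> 0.0.0.255, /32 (a single host) -> 0.0.0.0."""
    netmask = int(ipaddress.IPv4Network(f"0.0.0.0/{prefix_len}").netmask)
    return str(ipaddress.IPv4Address(netmask ^ ALL_ONES))


def wildcard_match(address: str, base: str, wildcard: str) -> bool:
    """True if `address` matches `base` under `wildcard`.
    Wildcard bit 0: the address bit must equal the base bit.
    Wildcard bit 1: that bit is ignored, so only the 'care' bits are compared."""
    a = int(ipaddress.IPv4Address(address))
    b = int(ipaddress.IPv4Address(base))
    care = ~int(ipaddress.IPv4Address(wildcard)) & ALL_ONES
    return (a & care) == (b & care)


def evaluate_standard_acl(acl, source: str) -> str:
    """Evaluate a standard ACL against a packet's source address.
    `acl` is a list of (action, base, wildcard) entries in configured order.
    Entries are checked top-down and the first match decides; a packet that
    matches no entry hits the implicit deny at the end of every IOS ACL."""
    for action, base, wildcard in acl:
        if wildcard_match(source, base, wildcard):
            return action
    return "deny"  # implicit deny


# Constructed sample: block one host, permit the rest of its /24, implicitly deny all else.
SAMPLE_ACL = [
    ("deny", "192.168.1.1", "0.0.0.0"),
    ("permit", "192.168.1.0", wildcard_from_prefix(24)),
]

if __name__ == "__main__":
    for src in ("192.168.1.1", "192.168.1.50", "10.0.0.1"):
        print(src, "->", evaluate_standard_acl(SAMPLE_ACL, src))
```

Because the host entry is listed first, 192.168.1.1 is denied even though it also falls inside the permitted /24; swapping the two entries would permit it, which is why entry order matters.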