[Config] Access-List

Numbered Access-List 설정

 

Standard ACL

Usage : access-list [1~99] { permit | deny } Source-IP  [wildcard-mask]

 

R1(config)# access-list 10 permit 1.1.1.1 0.0.0.0 (또는 access-list 10 permit host 1.1.1.1)

R1(config)# access-list 10 deny 1.1.1.0 0.0.0.255

R1(config)# access-list 10 permit 0.0.0.0 255.255.255.255 (또는 access-list 10 permit any)

R1(config)# interface fa0/0

R1(config-if)# ip access-group [number] { in | out }

 

Extended ACL

Usage : access-list [100~199] { permit | deny } Protocol  Source-IP [wildcard-mask] Destination-IP [wildcard-mask] [Port]

 

R1(config)# access-list 101 permit ip host 1.1.1.1 host 2.2.2.2

R1(config)# access-list 101 deny tcy host 3.3.3.3 any eq 80

R1(config)# access-list 101 permit ip any any

R1(config)# interface fa0/0

R1(config-if)# ip access-group [number] { in | out }

 

 

Named Access-List 설정

 

Usage : ip access-list { Standard | Extended } name  //Enter

{ permit | deny } [ACL conditions]

 

R1(config)# ip access-list standard Test

R1(config-std-nacl)# deny 1.1.1.0 0.0.0.255

R1(config-std-nacl)# permit any

R1(config)# interface fa0/0

R1(config-if)# ip access-group [name] { in | out }