Access control list 2
Upcoming SlideShare
Loading in...5
×
 

Access control list 2

on

  • 500 views

 

Statistics

Views

Total Views
500
Views on SlideShare
500
Embed Views
0

Actions

Likes
0
Downloads
31
Comments
0

0 Embeds 0

No embeds

Accessibility

Categories

Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

Access control list 2 Access control list 2 Presentation Transcript

  • 1
  • Access Control List • It is a Layer 3 security which controls the flow of traffic from one router to another. • It is also called as Packet Filtering Firewall. 2
  • ACL - Network Diagram 10.0.0.1/8 S0 HYD 11.0.0.1/8 S0 S1 10.0.0.2/8 E0 192.168.1.150/24 1.1 1.2 1.3 LAN - 192.168.1.0/24 2.1 CHE S1 11.0.0.2/8 E0 192.168.2.150/24 2.2 2.3 LAN - 192.168.2.0/24 3.1 BAN E0 192.168.3.150/2 3.2 3.3 LAN - 192.168.3.0/24 1.0 should not communicate with 2.0 network 3 1.0 should not communicate with 2.0 network
  • Types of Access-list • Standard ACL • Extended ACL • Named ACL 4
  • Standard Access List • The access-list number lies between 1 – 99 • Can block a Network, Host and Subnet • Two way communication is stopped • All services are blocked. • Implemented closest to the destination. (Guideline) 5
  • Extended Access List • The access-list number lies between 100 – 199 • Can block a Network, Host, Subnet and Service • One way communication is stopped • Selected services can be blocked. • Implemented closest to the source. (Guideline) 6
  • Terminology • Deny : Blocking a Network/Host/Subnet/Service • Permit : Allowing a Network/Host/Subnet/Service • Source Address : The address of the PC from where the request starts. Show Diagram • Destination address : The address of the PC where the request ends. • Inbound : Traffic coming into the interface • Outbound : Traffic going out of the interface 7
  • Terminology • Protocols : IP - TCP - UDP - ICMP • Operators : eq (equal to) neq (not equal to) lt (less than) gt (greater than) • Services : HTTP, FTP, TELNET, DNS, DHCP etc.. 8
  • Wild Card Mask • Tells the router which addressing bits must match in the address of the ACL statement. • It’s the inverse of the subnet mask, hence is also called as Inverse mask. • A bit value of 0 indicates MUST MATCH (Check Bits) • A bit value of 1 indicates IGNORE (Ignore Bits) • Wild Card Mask for a Host will be always 0.0.0.0 9
  • Wild Card Mask • A wild card mask can be calculated using the formula : Global Subnet Mask – Customized Subnet Mask ------------------------------Wild Card Mask E.g. 255.255.255.255 – 255.255.255.240 --------------------0. 0. 0. 15 10
  • 11
  • ACL - Network Diagram 10.0.0.1/8 S0 HYD 11.0.0.1/8 S0 S1 10.0.0.2/8 E0 192.168.1.150/24 1.1 1.2 1.3 LAN - 192.168.1.0/24 2.1 CHE S1 11.0.0.2/8 E0 192.168.2.150/24 2.2 2.3 LAN - 192.168.2.0/24 3.1 BAN E0 192.168.3.150/2 3.2 3.3 LAN - 192.168.3.0/24 1.0 should not communicate with 2.0 network 1.0 should not communicate with 2.0 network 12