ACL in Router(Access Control List)

-
 ACL (Access Control List)
ACL is use for to set additional level of security into the router.
ACL is a security that set-in router port
ACL are of two type in router
a.    Permit
b.    Deny
c.     Both statements must be set in Router.
If Permit or Deny use in any network use wild card mask (opposite of subnet mask)
ACL are of two type
a.    Standard ACL   from (1-99)
b.    Extended ACL from (99-1999)

Standard ACL
Standard ACL is used for source but apply in destination
Its Range is 1-99
ACL is applying in router interface port. Packet transfer port is 2 type
A.   Incoming
B.   Outgoing
ACL is set in incoming and outgoing port of router


How to configure 

First Diagram

Basic Configuration And clock rate


Go to first router in cli mode and type
 No
Router>en
Router#conf t
Router(config)#int s0/0
Router(config-if)#ip address 192.168.30.1 255.255.255.0
Router(config-if)#no shut
Router(config-if)#clock rate 64000
Router(config-if)#exit

Router(config)#int f0/0
Router(config-if)#ip address 192.168.10.1 255.255.255.0
Router(config-if)#no shut
Router(config-if)#exit

Go to second router in cli mode
 No
 Router>en
Router#conf t
Router(config)#int s0/0
Router(config-if)#ip address 192.168.30.2 255.255.255.0
Router(config-if)#no shut
Router(config-if)#exit
          
Router(config)#int f0/0

Router(config-if)#ip address 192.168.20.1 255.255.255.0

Router(config-if)#no shut
Router(config-if)#exit

Now Routing With RIP

In Router first
Router(config)#router rip
Router(config-router)#network 192.168.10.0
Router(config-router)#network 192.168.30.0
Router(config-router)#exit


In Router Second

Router(config)#router rip
Router(config-router)#network 192.168.30.0
Router(config-router)#network 192.168.40.0
Router(config-router)#network 192.168.50.0
Router(config-router)#exit

Now Use Access-list

First make access list 

Access list make in all opposite router 
for example in these case 
Deny IP is in Router 2 so go to first router and Type command 
Access-list space (no. between 1-99) space deny or allow space host space ip 

Go to router First 
Router(config)#access-list 10 deny host 192.168.40.1    →   For deny one I.P.
Router(config)#access-list 10 permit any                         → For allow all network

Now add in port of Router

In these condition go to incoming port

Router(config)#int s0/0
Router(config-if)#ip access-group 10 in
Router(config-if)#exit

Now Testing

Go to router First and ping all ip of router second 
192.168.40.1           ------      Deny
and all other(192.168.1.50.1,  40.1,  30.1)   ---- allow

As shown in picture





  
Extended ACL

Extended ACL to permit or deny ip address or port, it is also apply in destination port
    
     PRACTICAL
     
      DIAGRAM

Comments

Post a Comment

Popular posts from this blog

How to connect two Laptops via mobile hotspot

-
If we want to transfer a file or a folder without any physical medium then we can use mobile hotspot as a mediatior. To connect two laptops we have to go through several steps. Steps:- first on the hotspot of mobile and connect to both laptops and connect to both laptops then open network and check devices if net is off then give manual ip in both laptop then check both laptops in network then share data from first laptop Steps:- First copy all the data in a folder --> go to folder properties --> click on share --> advance --> check mark on "share the folder" --> permission --> check mark on full control-->ok-->close Now go to another laptop-->network-->open another laptop-->and paste the data.
Read more

Supernet

-
Supernet Supernet is used for to merge multiple route into single router. Supernet is create max.7 network Supernet is covered in into small size network Supernet create in 4 step’s 1. First convert all ip into binary 2. Now set the end operation end operation condition’s. operation are       a. all bit is one then output is one       b. all bit is zero then output is zero       c. if one bit is one and second is zero then output will zero 3. After set end operation now create new ip 4.Count common bit and create subnet mask For example                       172.16.111.0                       172.16.112.0                       172.16.113.0  1. Now convert it into binary.       10101100         00010000              01101111        00000000 10101100         00010000              01110000        00000000 10101100         00010000              01110001        00000000 2. Now set the end operation end operation condition’s and create new ip  10101100         00010000               01101111
Read more

What is network and its types

-
Image
What is network ? A network is a collection of multiple computers or Other hardware devices that are connected together, either physically or logically using hardware and software. What is networking? Networking is the process of sharing of data between different devices,and it also involves Designing, implementing, upgrading ,managing and working with network technologies.  Types of network 1.       (Lan) Local area network 2.      (man) metropolitan area network 3.      (Wan) wide area network 4.      (Can ) campus area network 5.      (Gan) global area network 6.      (Pan) personal area network Local Area Network     A computer network that links devices within a building or group of adjacent buildings, especially one with a radius of less than 1 km. Metropolitan Area Network A metropolitan area network (MAN) is a network that interconnects users with computer resources in a geographic area or region larger than that covered by even a large local area network (LAN) but s
Read more