How to add/modify Standard Access Control List (ACL) Cisco router

7 Comments

  1. hi sir i want full command of acl configuration

  2. how i can configure frame relay

  3. very easy information taken by you ………thank u

  4. you have given info in a easiest way to understand… Thank you..

  5. i want to add an ip address in my ip permit list in a switch2950.how it possible.plz explain brief…
    my switch config is like as follow:

    enable password 7 072C285F4D06

    sername switch-una privilege 15 password 7 15011C05102923693D3D3461405547
    sername cisco-una privilege 15 password 7 0307521805006C594008
    p subnet-zero

    panning-tree mode pvst
    o spanning-tree optimize bpdu transmission
    panning-tree extend system-id

    nterface FastEthernet0/1
    spanning-tree portfast

    nterface FastEthernet0/2

    nterface FastEthernet0/3
    description “connected to hub”
    ip access-group port3 in

    nterface FastEthernet0/4

    nterface FastEthernet0/5
    shutdown

    nterface FastEthernet0/6
    shutdown

    nterface FastEthernet0/7
    shutdown

    nterface FastEthernet0/8
    shutdown

    nterface FastEthernet0/9
    description “connected to vc camera”
    ip access-group port9 in

    nterface FastEthernet0/10
    shutdown

    nterface FastEthernet0/11
    shutdown

    nterface FastEthernet0/12
    shutdown

    nterface FastEthernet0/13
    shutdown

    nterface FastEthernet0/14
    shutdown

    nterface FastEthernet0/15
    shutdown

    nterface FastEthernet0/16
    shutdown

    nterface FastEthernet0/17
    description “connected to pc for router access”
    ip access-group port17 in
    spanning-tree portfast

    nterface FastEthernet0/18
    shutdown

    nterface FastEthernet0/19
    shutdown

    nterface FastEthernet0/20
    shutdown

    nterface FastEthernet0/21
    shutdown

    nterface FastEthernet0/22
    shutdown

    nterface FastEthernet0/23
    shutdown

    nterface FastEthernet0/24
    shutdown

    nterface GigabitEthernet0/1
    no keepalive
    duplex full
    spanning-tree portfast

    nterface GigabitEthernet0/2
    no keepalive
    spanning-tree portfast

    nterface Vlan1
    ip address 10.146.153.3 255.255.255.128
    no ip route-cache

    p http server

    p access-list standard vty
    permit 10.146.153.11
    permit 10.146.153.13
    permit 10.146.153.12
    permit 10.146.2.14
    permit 10.146.2.7
    permit 10.146.2.92
    permit 10.146.2.81

    p access-list extended port17
    permit ip host 10.146.153.11 any
    deny ip any any
    p access-list extended port3
    permit ip host 10.146.153.105 any
    permit ip host 10.146.153.111 any
    permit ip host 10.146.153.112 any
    permit ip host 10.146.153.85 any
    permit ip host 10.146.153.90 any
    permit ip host 10.146.153.13 any
    permit ip host 10.146.153.25 any
    permit ip host 10.146.153.61 any
    permit ip host 10.146.153.16 any
    permit ip host 10.146.153.96 any
    permit ip host 10.146.153.32 any
    permit ip host 10.146.153.18 any
    permit ip host 10.146.153.62 any
    permit ip host 10.146.153.47 any
    permit ip host 10.146.153.51 any
    permit ip host 10.146.153.115 any
    permit ip host 10.146.153.12 any
    permit ip host 10.146.153.35 any
    permit ip host 10.146.153.53 any
    permit ip host 10.146.153.44 any
    permit ip host 10.146.153.59 any
    permit ip host 10.146.153.30 any
    permit ip host 10.146.153.81 any
    permit ip host 10.146.153.10 any
    permit ip host 10.146.153.117 any
    permit ip host 10.146.153.66 any
    permit ip host 10.146.153.23 any
    permit ip host 10.146.153.29 any
    permit ip host 10.146.153.52 any
    permit ip host 10.146.153.123 any
    permit ip host 10.146.153.118 any
    permit ip host 10.146.153.50 any
    permit ip host 10.146.153.120 any
    permit ip host 10.146.153.43 any
    permit ip host 10.146.153.110 any
    permit ip host 10.146.153.36 any
    permit ip host 10.146.153.4 any
    permit ip host 10.146.153.56 any
    permit ip host 10.146.153.95 any
    permit ip host 10.146.153.99 any
    permit ip host 10.146.153.102 any
    permit ip host 10.146.153.100 any
    permit ip host 10.146.153.73 any
    permit ip host 10.146.153.107 any
    permit ip host 10.146.153.75 any
    permit ip host 10.146.153.76 any
    permit ip host 10.146.153.77 any
    permit ip host 10.146.153.78 any
    permit ip host 10.146.153.79 any
    permit ip host 10.146.153.80 any
    permit ip host 10.146.153.86 any
    permit ip host 10.146.153.87 any
    permit ip host 10.146.153.88 any
    permit ip host 10.146.153.89 any
    permit ip host 10.146.153.74 any
    permit ip host 10.146.153.97 any
    permit ip host 10.146.153.98 any
    permit ip host 10.146.153.21 any
    permit ip host 10.146.153.22 any
    permit ip host 10.146.153.24 any
    permit ip host 10.146.153.26 any
    permit ip host 10.146.153.27 any
    permit ip host 10.146.153.28 any
    –More–

  6. hey, I want to create standard acl to allow all network to flow from 172.16.10.0 0.0.0.255 to 172.16.20.0 0.0.0.255 and 172.16.30.0 0.0.0.255 but i don’t want network to flow from 172.16.20.0 0.0.0.255 to 172.16.30.0 0.0.0.255 and vice versa, so I created the following acl,

    access-list standard 10 permit 172.16.10.0 0.0.0.255
    access-list standard 10 deny any.

    and also i created sub interfaces on the router for interface fa 0/0

    sub interface fa 0/0.1 for 172.16.10.0 0.0.0.255

    sub interface fa 0/0.2 for 172.16.20.0 0.0.0.255

    sub interface fa 0/0.3 for 172.16.30.0 0.0.0.255

    and I have applied the above access list on the sub interface fa 0/0.2 and fa 0/0.3, but its not working. Please help

Leave a Reply

Your email address will not be published. Required fields are marked *