ACLs Notes

******************************************************************
Example No 1  Permit Network  172.16.0.0
******************************************************************
Example No 2  Deny a Specific Host  172.16.4.13
******************************************************************
Example No 3  Deny a Specific Subnet  172.16.4.0
******************************************************************

Solution of Example No 1
Step1 Configuration of Standard Access List

We have to Permit Data of Network 172.16.0.0 to flow out from E0 and E1 Ethernet Interfaces of the router and enter into the both sides Network 172.16.4.0 and 172.16.3.0.

router> router>enable router# router#config terminal router(config)# router(config)#[access-list] [Number] [permit/deny] [source IP] [Wildcard Mask]

router(config)#access-list 1 permit 172.6.0.0 0.0.255.255 router(config)# router(config)#[access-list] [Number] [ permit] [ 0.0.0.0 255.255.255.255] or any

router(config)# router(config)#access-list 1 permit 0.0.0.0 255.255.255.255 router(config)# What is Implicit Deny All?

At the end of every Access List there is an Option of Implicit Deny which mean there is Condition of Deny for any Traffic coming from any Source. This is by default Feature of Cisco IOS.
So we have to permit this Option Manually for all Sources so that Remaining Traffic would not deny.

Step2 Apply the Standard Access List
We Know that Access List is Applied on the desired Interface of the router so we have of go Interface Config Mode of the Router Interface at which Access List is to be Applied.
As we have to permit the traffic to move out from the router so we apply Access List at Interface Ethernet 0 in the OUT direction and also at Ethernet 1 in OUT direction.
Apply on Ethernet Interface 0 in OUT direction

router(config)# router(config)#interface Ethernet 0 router(config-if)# router(config-if)#[IP access-group] [Number] [out/in]

router(config-if)#