Configuring ACLs
Examples for Compiling ACLs
For detailed information about compiling ACLs, refer to the Security Configuration Guide and the "IP
Services" chapter of the Cisco IOS IP and IP Routing Configuration Guide for IOS Release 12.1.
Figure 23-2
a Cisco router. A host is connected to the network through the Internet using a WAN link.
Use switch ACLs to do these:
•
•
Figure 23-2 Using Switch ACLs to Control Traffic
workstations
This example uses a standard ACL to allow access to a specific Internet host with the address
172.20.128.64.
Switch(config)# access-list 6 permit 172.20.128.64 0.0.0.0
Switch(config)# end
Switch(config)# interface gigabitethernet0/1
Switch(config-if)# ip access-group 6 in
Catalyst 2950 Desktop Switch Software Configuration Guide
23-18
shows a small networked office with a stack of Catalyst 2950 switches that are connected to
Create a standard ACL, and filter traffic from a specific Internet host with an address 172.20.128.64.
Create an extended ACL, and filter traffic to deny HTTP access to all Internet hosts but allow all
other types of access.
Internet
Cisco router
End
Workstation
Catalyst 2950
Catalyst 2950
Catalyst 2950
Chapter 23
Configuring Network Security with ACLs
78-11380-04