Filtering Ip Packets Using Access Lists; Creating Standard And Extended Access Lists Using Numbers - Cisco MWR 1941-DC - 1941 Mobile Wireless Router Software Configuration Manual
Mobile wireless edge router
Hide thumbs
Also See for MWR 1941-DC - 1941 Mobile Wireless Router:
- Hardware installation manual (106 pages) ,
- User manual (40 pages) ,
- Rack mounting instructions (13 pages)
Table of Contents
Advertisement
Filtering IP Packets Using Access Lists
Filtering IP Packets Using Access Lists
Packet filtering helps control packet movement through the network. Such control can help limit network
traffic and restrict network use by certain users or devices. To permit or deny packets from crossing
specified interfaces, we provide access lists.
You can use access lists in the following ways:
•
•
•
This section summarizes how to create IP access lists and how to apply them.
An access list is a sequential collection of permit and deny conditions that apply to IP addresses. The
Cisco IOS software tests addresses against the conditions in an access list one by one. The first match
determines whether the software accepts or rejects the address. Because the software stops testing
conditions after the first match, the order of the conditions is critical. If no conditions match, the
software rejects the address.
The two main tasks involved in using access lists are as follows:
1.
2.
These and other tasks are described in this section and are labeled as required or optional. Either the first
or second task is required, depending on whether you identify your access list with a number or a name.
•
•
•
•
•
•
•
•
Creating Standard and Extended Access Lists Using Numbers
Cisco IOS software supports the following types of access lists for IP:
•
•
•
Cisco MWR 1941-DC Mobile Wireless Edge Router Software Configuration Guide
6-46
To control the transmission of packets on an interface
To control vty access
To restrict contents of routing updates
Create an access list by specifying an access list number or name and access conditions.
Apply the access list to interfaces or terminal lines.
Creating Standard and Extended Access Lists Using Numbers, page 6-46
Creating Standard and Extended Access Lists Using Names, page 6-50
Specifying IP Extended Access Lists with Fragment Control, page 6-53
Enabling Turbo Access Control Lists, page 6-56
Applying Time Ranges to Access Lists, page 6-57
Including Comments About Entries in Access Lists, page 6-58
Applying Access Lists, page 6-58
Configuration Examples, page 6-60
Standard IP access lists that use source addresses for matching operations.
Extended IP access lists that use source and destination addresses for matching operations, and
optional protocol type information for finer granularity of control.
Dynamic extended IP access lists that grant access per user to a specific source or destination host
basis through a user authentication process. In essence, you can allow user access through a firewall
dynamically, without compromising security restrictions. Dynamic access lists and lock-and-key
access are described in the "Configuring Traffic Filters" chapter of the Cisco IOS Security
Configuration Guide.
Chapter 6
Configuring the MWR 1941-DC in a Cell Site DCN
(Optional)
(Optional)
(Required)
(Required)
(Required)
(Optional)
(Optional)
OL-11503-01
Advertisement
Table of Contents
