CCNA Study Notes on Access Lists

G. Access-Lists

1. Access lists are primarily used for two purposes:

2. IP access lists are a sequential list of permit and deny conditions that apply to IP addresses or upper-layer protocols. Access Control Lists are used in routers to identify and control traffic.

There are two types of IP access lists:

A. Standard IP Access Lists: These have the format, access-list [number] [permit or deny] [source_address]

Keep in mind that:

B. Extended IP Access Lists: IP Extended Access lists have the format, access-list {number}{permit or deny} {protocol} {source} {destination} {port}

With extended IP access lists, we can act on any of the following:

The permitted numbers for some important access-lists are:

3. Wild card masking: Wild card masking is used to permit or deny a group of addresses. For example, if we have a source address and want all the hosts on the last octet to be considered, we use a wild card mask,

Special cases:

Host is same as with a wild card mask of, considers only specified IP.

Any is equivalent to saying with a wild card mask of This means none of the bits really matter. All IP addresses need to be considered for meeting the criteria.

Previous  Up  Next  

CertExams Blog! Facebook Page Twitter Page Certexams on YouTube

Cert-Ex™ Exam Simulators, Cert-Ex™ Network Simulator, Cert-Ex™ Cheatsheets are written independently by and not affiliated or authorized by respective certification providers. Cert-Ex™ is a trade mark of or entity representing™ is a trademark of Cisco® systems.