MicroNugget: How to Configure Extended ACLs on Cisco Routers

Рет қаралды 75,282

Күн бұрын

Start learning cybersecurity with CBT Nuggets. courses.cbt.gg...
In this video, Jeremy Cioara covers extended ACLs on Cisco routers. ACLs are powerful documents that contain lists of statements that govern which devices can and cannot access other devices. By configuring extended ACLs, you can regulate the traffic on a network and keep traffic moving fast and secure.
One of the many things that a well-configured extended ACL can do for a network is prevent a given IP address' traffic from reaching another IP address. That's because an extended access list is really nothing more than a document with a row of statements that permit or deny traffic based on rules you can set up. That can be protocol, port number, source, destination, time range, and more.
When it comes to configuring an extended ACL, just like driving to Disneyland only to discover it's closed would waste time and energy, the best practice is to host extended access lists as close to the source as possible. See how to write rules that identify source IP, its protocol, and the many other filters you can use to manage network traffic with extended ACLs.
🌐 Download the Free Ultimate Networking Cert Guide: blog.cbt.gg/b942
⬇️ 13-Week Study Plan: CCNA (200-301): blog.cbt.gg/8lky
Start learning with CBT Nuggets:
• Cisco CCNA (200-301) | courses.cbt.gg...

Пікірлер: 97

@alirezaabrishami6530 10 жыл бұрын

Jeremy, I really love the way you teach Cisco!!! Thank You!

@cbtnuggets 10 жыл бұрын

Alireza Abrishami You're are certainly welcome! Good luck with your training.

@muhiziaristide2604 4 жыл бұрын

I did too!

@Three_Dog_Gaming 4 жыл бұрын

Definitely valuable! Had a co-worker leave the company that was basically master of all things Cisco and we're trying to interpret what he left us with!

@robertsmooth6339 Жыл бұрын

HI Jeremy This course on extended ACLs on Cisco routers is very . But it too late me I'm going to retire... Jeremy your awesome teacher and I want to thank you and Micro Nugget for educating for those who are pursuing a high advance technology career. Thanks you and even If I retired I continue to login from time to time. I'm Network Engineer

@florentvespit960 8 жыл бұрын

am from africa, i've learned CCNA, but your videos make me understand more and more every days. thanks a lot

@mariorodas634 3 жыл бұрын

Jeremy, i love your videos. I'm studying for SBA for CSCO-220 AND CSCO-221. This video, and one other of yours, has been super helpful in remembering which direction to place acl. Thank you!

@cbtnuggets 11 жыл бұрын

Mahad, you are correct! This is one of Jeremy's newest MicroNuggets.

@MrAadeyemo 4 жыл бұрын

That was very straight to the point Jeremy and delivered in a not-boring manner.

@cbtnuggets 11 жыл бұрын

Thanks for your question! If you would like you can submit a formal request for this MicroNugget from the link above found in the description.

@AmazinglyAwkward 5 жыл бұрын

I'm actually doing a comptia exam not the CCNA but this was still super super helpful, it was definetly more helpful seeing a terminal. Thanks so much!

@chrisallen6738 11 жыл бұрын

You are the best video instructor on the web. Keep it up, just the way you are doing it.

@libertywraith249 7 жыл бұрын

you are THE MAN Jeremy C . your instruction has been so very effective for me....and apparently everyone i talk to. thank you!!!

@muhammad.rafi2012 10 жыл бұрын

Jeremy as nice as ever, can we have micro nugget on applying extended access list for VTY line or console. that would be really helpful for every body i think ..

@cbtnuggets 11 жыл бұрын

Thanks for the feedback!

@gchlion 11 жыл бұрын

I just want to say... AMAZING. Jeremy is the best in this of cbt ! He has the ease to explain the stuff in very cool way. NICE!!!

@Gamelover22478 2 жыл бұрын

Thank you so much for the video ! I’m currently in a CNT160 class and ACLS are a struggle for me, we just started implementing NAT so this will help me very much ! Thank you 😁

@cbtnuggets 11 жыл бұрын

Simon, if you would like to know a little more, feel free to request that MicroNugget in the link found in the MicroNugget description.

@petrithysaj4529 3 жыл бұрын

Thank you very much. I've my exam coming up fast and you are helping in my passing it.

@cbtnuggets 3 жыл бұрын

You can do it, Petrit! Good luck on your exam. Thank you for learning with us!

@incognituadictus2226 3 жыл бұрын

good and clear explanation, i like the "be the router" analogy!

@IgorDrozdov4 2 жыл бұрын

Awesome explanation! Thank you!

@jeremymayer9221 6 жыл бұрын

From one Jeremy to another! Thank you! Really helped!

@WiseK.D 5 ай бұрын

Jeremy thank you so much you cleared most of my confusion.. I Don't know if you have already done this but can you make a video on acl protocoles I mean all of them and explain their use and how they work . That will be great .

@kaguyakobe 3 ай бұрын

We love this, thanks Jeremy

@SuijoART 3 жыл бұрын

Really helpfull. I was stuck with ACL. However after listen your explanation I'm ready to work with. Thanks 😃.

@seepaknanda3397 4 жыл бұрын

Jeremy really your teaching method on Cisco is excellent thank you.

@adammohamed5757 6 жыл бұрын

Thank you, honestly speaking, you are amazing instructor.

@habibkhayat1725 3 жыл бұрын

Thanks Jeremy. You make Networking world much easier to understand. We miss instructor like you in Cyber Security. Hope you get into that field like Kieth Barker.

@robertmotz9227 9 жыл бұрын

That was awesome. Thanks Robert P. Motz

@MohammadAhmad-nh5ug 4 жыл бұрын

Thanks Jeremy. This was fun.

@El_bigC 9 жыл бұрын

Top notch explanation, as always, Jeremy!!

@zwimaster 11 жыл бұрын

As always informative! Jeremy's nugget series are the best!

@mukunddabholkar4105 3 жыл бұрын

superb!!! explain in simple way.. awsome.

@AhmedMahmoud-qh7oc 6 жыл бұрын

This man is great. I hope I discovered this channel earlier

@cspell 8 жыл бұрын

well done, nice explanation of how the protocols work together!

@ashutoshanand4717 5 жыл бұрын

Pretty informative in brief.... would like to know about 1) Internet of things 2) SDN in brief

@ChasedWheels 3 жыл бұрын

Thanks Jeremy! It was very informative.

@ajaysankar5467 Жыл бұрын

Very Helpful. Thank you.

@inkbythebarrelandpaperbyth6905 5 жыл бұрын

Hey CBT nuggets. Jeremy is great. Thanks!

@bobbywaker1793 4 жыл бұрын

love how u explain it your the best . i wish you do a video for ssh

@luizclarke1829 10 жыл бұрын

Thank you Jeremy!

@יוסףויטל 4 жыл бұрын

Perfect explained 🙏

@dwade_fpv 11 жыл бұрын

Great explanation. I really appreciate your wisdom.

@TheLithGH 4 жыл бұрын

Thanks Jeremy!! I've always been confused as to when to start an extended access-list with "access-list 100___" or " ip access-list extended 100___" ? Thank you for your assistance!! :-)

@jasonbrussmn 5 жыл бұрын

Wow, just found your channel and this is awesome!

@Alakion 5 жыл бұрын

Thanks for the explanation , helped me a lot ! Cheers!

@chr1smack1nnon 11 жыл бұрын

Love the explanations. You rock!

@Asudragon 5 ай бұрын

quick question i am struggling to find answer to, what is the general thought on when to use standard ACL compared to extended? wouldnt a standard ACL where you deny that specific traffic and permitting the rest work as well?

@YouSSTheMacOSXWannabe 11 жыл бұрын

thank you Jeremy

@ManojKumar-1985 11 жыл бұрын

Great Explanation

@NoONE-bk7ud 2 жыл бұрын

that was a good explanation

@mahadabdilahi3958 11 жыл бұрын

i think this nugget is one of the new CCNA series produced by great instructor jeremy ciora am i right ?

@rabiej8011 3 жыл бұрын

Thank you so much, finally that explains it well

@cbtnuggets 3 жыл бұрын

Glad you liked it!

@sherifflawal7131 10 жыл бұрын

May God bless you.

@nahomaseged3324 Жыл бұрын

fantastic video. keep it up!

@TheSingleNotice Жыл бұрын

Hi Jeremy, thank you for this. I am working on a problem with requires me to limit http/https traffic (as shown in your video) but only when an ip address is even. I know this would be with the use of wildcard masks, but can you give an example please? I then need to how that http does not connect but all other traffic does. How would I showcase this please? Many thanks

@187MIAMIBOY 9 жыл бұрын

Thank you so much. I'm taking SEC450 and dealing with ACLs right now. This has helped me understand it a bit much better. The only thing I can't get around is the "3P" rule.. How would you do one protocol per access list etc..?

@cbtnuggets 9 жыл бұрын

187MIAMIBOY One protocol means IP protocol (vs. IPX, Appletalk, etc...). Not one protocol as in UDP, TCP, ICMP, etc... You can handle "limitless" IP-based protocols within the access-list. We hope that helps!

@kostas8469 4 жыл бұрын

thanks :)

@NWWalkerMusic 8 жыл бұрын

Great video! Thanks for posting. Any Micro-Nuggets on VLSM?

@HarshvardhanParashar09 8 жыл бұрын

Awesome !

@aniswlidi2012 Жыл бұрын

Hi Jeremy. I uses alpha prep but there was no configuration questions, only multichoice questions. Is the new CCNA exam consisting of multichoice questions only?

@chaospressure 10 жыл бұрын

This was super helpful. Thanks alot

@cbtnuggets 10 жыл бұрын

You're welcome Steven Wallis!

@pouyameisamifard5804 5 жыл бұрын

you are good at teaching , i really enjoy it thank you ,say more about ip helper when there is subnets and trunking and the router that dhcp pool run on it is not directly connected to this subnets but it is conneted frome the thered router ,i don't know is that logical or possible but i am curious to know that,at ninja speed

@mlram20055 10 жыл бұрын

Brilliant!!

@AJIN0071981 7 жыл бұрын

jeremy thanks !!!!

@ericmorey1460 11 жыл бұрын

Great video.

@إِسْلَامبَاشَاآغَا 2 жыл бұрын

Amazing Thanks

@vianneyjean4754 4 жыл бұрын

Y are the best👏👏👏

@nullsemicolon 3 жыл бұрын

great video!

@cbtnuggets 3 жыл бұрын

Glad you enjoyed it, thank you Sean!

@rakibuzzamansikdar6367 2 жыл бұрын

respect

@khiderglal8245 3 жыл бұрын

thanx your video is helpfull

@Johnson14207 4 ай бұрын

It gets little complicated when applied in and out to a VLAN interface

@MrSenicho 4 жыл бұрын

Hey Jeremy , thanks for the video, I 'd love to see if you can show me how i can access my local webapp hosted locally in my local area network from the internet, i have CISCO 2900 router, and i have public IP. thanks in advance.

@tayyabali5352 3 жыл бұрын

what if i have two routers both having a switch attached to there fa0/0 ports and those switches then have atleast two end devies(pc) connected with them. Now i want to block a single pc of 1st router for communicating with a single pc of the 2nd router. How can i do that?

@mihaiciobanu6804 3 жыл бұрын

How do you test the http or https ACL in packet tracer?

@prodfc_17 5 ай бұрын

Epic

@ikiyytours2320 2 жыл бұрын

i liked it.

@delson007. 2 жыл бұрын

yo jeremy, ive been trying to figure this out but i cant find anything about it, once you apply the extended access list to the interface, is there a way to delete that?

@400EMP 2 жыл бұрын

Yes, with many commands in Cisco, the best way to remove a configuration is to use the "No" command before the statement. In this case: "no access-list 150" should remove the ACL in its entirety

@GuiltySpark 11 жыл бұрын

This Nugget Good for u

@cnxduo65 10 жыл бұрын

Hey dude; Have any VOD's on how to use object oriented ACL's on say Cisco 2911 routers? Thanks >:-}

@cbtnuggets 10 жыл бұрын

cnxduo65 Thanks for the comment! We do not have a specific object oriented ACL for Cisco's 2911 routers MicroNugget but we have passed along your request for future recording possibilities.

@achrafelkhandouli 4 жыл бұрын

godbless

@ralph_022 10 жыл бұрын

Thanks !!!!! How do you deny a network from rehashing another network using extended ??? Ex deny network 192.168.2.0 - 192.168.2.63 from pinging network 192.168.3.0. Please help

@cbtnuggets 10 жыл бұрын

ralph restituyo We recommend asking these types of questions on our Forum to get other members of the CBT Nuggets community involved: community.cbtnuggets.com/forums