© 2008 Cisco Systems, Inc. All rights reserved. Cisco Confidential
Instructor Materials
Chapter 7: Access Control Lists
CCNA Routing and Switching
Routing and Switching Essentials v6.0
Chapter 7 - Sections & Objectives
7.1 ACL Operation
• Explain how ACLs filter traffic.
• Explain how ACLs use wildcard masks.
• Explain how to create ACLs.
• Explain how to place ACLs.
7.2 Standard IPv4 ACLs
• Configure standard IPv4 ACLs to filter traffic to meet networking requirements.
• Use sequence numbers to edit existing standard IPv4 ACLs.
• Configure a standard ACL to secure vty access.
7.3 Troubleshoot ACLs
• Explain how a router processes packets when an ACL is applied.
• Troubleshoot common standard IPv4 ACL errors using CLI commands.
7.1 ACL Operation
Purpose of ACLs
What is an ACL?
• By default, a router does not have ACLs configured; therefore, by default a router does not filter traffic.
Purpose of ACLs
Packet Filtering
• Packet filtering, sometimes called static packet filtering, controls access to a network by analyzing the incoming and outgoing packets and passing or dropping them based on given criteria, such as the source IP address, destination IP address, and the protocol carried within the packet.
• A router acts as a packet filter when it forwards or denies packets according to filtering rules.
• An ACL is a sequential list of permit or deny statements, known as access control entries (ACEs).
Purpose of ACLs
ACL Operation
Wildcard Masks in ACLs
Introducing ACL Wildcard Masking
Wildcard Masks in ACLs
Introducing ACL Wildcard Masking (cont.)
Example
Wildcard Masks in ACLs
Wildcard Mask Examples
Wildcard Masks in ACLs
Wildcard Mask Examples (cont.)
Wildcard Masks in ACLs
Calculating the Wildcard Mask
• Calculating wildcard masks can be challenging. One shortcut method is to subtract the subnet mask from 255.255.255.255.
Wildcard Masks in ACLs
Wildcard Mask Keywords
Wildcard Masks in ACLs
Wildcard Mask Keyword Examples
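The wildcard slides give the subtraction shortcut and the host/any keywords, but the figures that showed the bit-level comparison did not survive extraction. The following Python script is an added example, not code from the Cisco course: it derives a wildcard mask from a subnet mask or prefix length, applies an address/wildcard pair to a packet address the way an ACE does (a 0 bit in the wildcard must match, a 1 bit is ignored), reports the keyword equivalent, and shows which address block a pair covers. All addresses in it are constructed sample values.

```python
import ipaddress


def wildcard_from_mask(subnet_mask):
    """The shortcut from the slides: subtract the subnet mask from
    255.255.255.255, octet by octet."""
    return ".".join(str(255 - int(octet)) for octet in subnet_mask.split("."))


def wildcard_from_prefix(prefix_len):
    """Same result from a /n prefix length: the 32-bit complement of the netmask."""
    netmask = int(ipaddress.IPv4Network(f"0.0.0.0/{prefix_len}").netmask)
    return str(ipaddress.IPv4Address(netmask ^ 0xFFFFFFFF))


def matches(address, acl_address, wildcard):
    """Apply an ACE's address/wildcard pair to a packet address.
    A 0 bit in the wildcard means 'this bit must match'; a 1 bit means 'ignore it'.
    Forcing the ignored bits to 1 on both sides and comparing implements exactly that,
    which also handles non-contiguous wildcards correctly."""
    a = int(ipaddress.IPv4Address(address))
    b = int(ipaddress.IPv4Address(acl_address))
    w = int(ipaddress.IPv4Address(wildcard))
    return (a | w) == (b | w)


def keyword_form(acl_address, wildcard):
    """Return the keyword form IOS accepts for the two special wildcards."""
    if wildcard == "0.0.0.0":
        return f"host {acl_address}"
    if wildcard == "255.255.255.255":
        return "any"
    return f"{acl_address} {wildcard}"


def matched_range(acl_address, wildcard):
    """Lowest and highest address a pair can match. For a contiguous wildcard
    (all 1 bits at the low end) this is exactly the subnet the ACE covers."""
    b = int(ipaddress.IPv4Address(acl_address))
    w = int(ipaddress.IPv4Address(wildcard))
    low = b & (w ^ 0xFFFFFFFF)
    high = b | w
    return str(ipaddress.IPv4Address(low)), str(ipaddress.IPv4Address(high))


if __name__ == "__main__":
    # Constructed samples: a /24, a /26 and a summary of 16 consecutive /24s.
    for mask in ("255.255.255.0", "255.255.255.192"):
        print(f"subnet mask {mask:16} wildcard {wildcard_from_mask(mask)}")
    print("prefix /26 wildcard", wildcard_from_prefix(26))
    pair = ("192.168.16.0", "0.0.15.255")
    print(keyword_form(*pair), "covers", matched_range(*pair))
    for host in ("192.168.20.5", "192.168.32.1"):
        print(f"  {host:14} matches? {matches(host, *pair)}")
    print(keyword_form("192.168.10.10", "0.0.0.0"), "|", keyword_form("0.0.0.0", "255.255.255.255"))
```

The subtraction shortcut and the bitwise complement always agree for a valid subnet mask; the complement form is the one to keep in mind when reading a wildcard such as 0.0.15.255, which is not a subnet mask in disguise but a summary of a block of /24s.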
Guidelines for ACL Creation
General Guidelines for Creating ACLs
Guidelines for ACL Creation
ACL Best Practices
Guidelines for ACL Placement
Where to Place ACLs
Guidelines for ACL Placement
Where to Place ACLs (cont.)
• Every ACL should be placed where it has the greatest impact on efficiency. The basic rules are:
  • Extended ACLs - Locate extended ACLs as close as possible to the source of the traffic to be filtered.
  • Standard ACLs - Because standard ACLs do not specify destination addresses, place them as close to the destination as possible.
• Placement of the ACL, and therefore the type of ACL used, may also depend on: the extent of the network administrator’s control, bandwidth of the networks involved, and ease of configuration.
Guidelines for ACL Placement
Standard ACL Placement
• The administrator wants to prevent traffic originating in the 192.168.10.0/24 network from reaching the 192.168.30.0/24 network.
7.2 Standard IPv4 ACLs
Configure Standard IPv4 ACLs
Numbered Standard IPv4 ACL Syntax
• Router(config)# access-list access-list-number { deny | permit | remark } source [ source-wildcard ] [ log ]
Configure Standard IPv4 ACLs
Applying Standard IPv4 ACLs to Interfaces
Configure Standard IPv4 ACLs
Applying Standard IPv4 ACLs to Interfaces (cont.)
Configure Standard IPv4 ACLs
Numbered Standard IPv4 ACL Examples
Configure Standard IPv4 ACLs
Numbered Standard IPv4 ACL Examples (cont.)
Configure Standard IPv4 ACLs
Named Standard IPv4 ACL Syntax
Configure Standard IPv4 ACLs
Named Standard IPv4 ACL Syntax (cont.)
Modify IPv4 ACLs
Method 1 – Use a Text Editor
Modify IPv4 ACLs
Method 2 – Use Sequence Numbers
Modify IPv4 ACLs
Editing Standard Named ACLs
Modify IPv4 ACLs
Verifying ACLs
Modify IPv4 ACLs
ACL Statistics
Securing VTY Ports with a Standard IPv4 ACL
The access-class Command
• The access-class command configured in line configuration mode restricts incoming and outgoing connections between a particular VTY (into a Cisco device) and the addresses in an access list.
Securing VTY Ports with a Standard IPv4 ACL
Verifying the VTY Port is Secured
7.3 Troubleshoot ACLs
Processing Packets with ACLs
The Implicit Deny Any
• At least one permit ACE must be configured in an ACL or all traffic is blocked.
• For the network in the figure, applying either ACL 1 or ACL 2 to the S0/0/0 interface of R1 in the outbound direction will have the same effect.
Processing Packets with ACLs
The Order of ACEs in an ACL
Processing Packets with ACLs
The Order of ACEs in an ACL (cont.)
Processing Packets with ACLs
Cisco IOS Reorders Standard ACLs
Notice that the statements are listed in a different order than they were entered.
Processing Packets with ACLs
Cisco IOS Reorders Standard ACLs (cont.)
The order in which the standard ACEs are listed is the sequence used by the IOS to process the list.
Processing Packets with ACLs
Routing Processes and ACLs
• As a frame enters an interface, the router checks to see whether the destination Layer 2 address matches its interface Layer 2 address, or whether the frame is a broadcast frame.
• If the frame address is accepted, the frame information is stripped off and the router checks for an ACL on the inbound interface.
• If an ACL exists, the packet is tested against the statements in the list.
• If the packet matches a statement, the packet is either permitted or denied.
• If the packet is accepted, it is then checked against routing table entries to determine the destination interface.
• If a routing table entry exists for the destination, the packet is then switched to the outgoing interface; otherwise the packet is dropped.
• Next, the router checks whether the outgoing interface has an ACL. If an ACL exists, the packet is tested against the statements in the list. If the packet matches a statement, it is either permitted or denied.
• If there is no ACL or the packet is permitted, the packet is encapsulated in the new Layer 2 protocol and forwarded out the interface to the next device.
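The sequence above (inbound ACL, routing table lookup, outbound ACL), the implicit deny any at the end of every ACL, and the Example 2 mistake of applying ACL 20 to the wrong interface and direction can all be exercised in one small model. The following Python script is an added example, not code from the Cisco course. The three-interface topology (G0/0 on 192.168.10.0/24, G0/1 on 192.168.11.0/24, S0/0/0 on 192.168.30.0/24), the two entries of ACL 20, and the sample packets are constructed assumptions; the slides give only the ACL number and the policy that 192.168.11.0/24 must not reach 192.168.10.0/24.

```python
import ipaddress
from dataclasses import dataclass

# Constructed topology (assumed for this example): R1 with three interfaces.
ROUTES = [
    ("192.168.10.0/24", "G0/0"),
    ("192.168.11.0/24", "G0/1"),
    ("192.168.30.0/24", "S0/0/0"),
]


@dataclass(frozen=True)
class ACE:
    """One access control entry of a standard IPv4 ACL (matches on source only)."""
    action: str                 # "permit" or "deny"
    source: str                 # address the wildcard is applied to
    wildcard: str = "0.0.0.0"   # 0.0.0.0 is the 'host' form: every bit must match


def ace_matches(ace, src_ip):
    """Wildcard semantics: 0 bits must match, 1 bits are ignored."""
    a = int(ipaddress.IPv4Address(src_ip))
    b = int(ipaddress.IPv4Address(ace.source))
    w = int(ipaddress.IPv4Address(ace.wildcard))
    return (a | w) == (b | w)


def evaluate_acl(acl, src_ip):
    """Sequential first match; the implicit 'deny any' applies if nothing matched."""
    for ace in acl:
        if ace_matches(ace, src_ip):
            return ace.action
    return "deny"


def route_lookup(dst_ip):
    """Return the outgoing interface for dst_ip, or None if no route exists."""
    dst = ipaddress.IPv4Address(dst_ip)
    for network, iface in ROUTES:
        if dst in ipaddress.IPv4Network(network):
            return iface
    return None


def forward(acls, bindings, src_ip, dst_ip, in_iface):
    """Walk a packet through the steps the slides list: inbound ACL, routing
    table, outbound ACL. bindings maps (interface, "in" | "out") to an ACL name."""
    inbound = bindings.get((in_iface, "in"))
    if inbound is not None and evaluate_acl(acls[inbound], src_ip) == "deny":
        return f"dropped: ACL {inbound} inbound on {in_iface}"
    out_iface = route_lookup(dst_ip)
    if out_iface is None:
        return "dropped: no route"
    outbound = bindings.get((out_iface, "out"))
    if outbound is not None and evaluate_acl(acls[outbound], src_ip) == "deny":
        return f"dropped: ACL {outbound} outbound on {out_iface}"
    return f"forwarded out {out_iface}"


# ACL 20 as an assumed implementation of the Example 2 policy. The explicit
# 'permit any' matters: without it the implicit deny blocks every other source too.
ACLS = {
    "20": [
        ACE("deny", "192.168.11.0", "0.0.0.255"),
        ACE("permit", "0.0.0.0", "255.255.255.255"),
    ],
}
WRONG_PLACEMENT = {("G0/1", "in"): "20"}    # the mistake described in Example 2
RIGHT_PLACEMENT = {("G0/0", "out"): "20"}   # standard ACL: as close to the destination as possible


def compare_placements():
    """Run the same constructed packets under both placements.
    Returns {description: (result with wrong placement, result with right placement)}."""
    cases = {
        "11.0 -> 10.0 (must be blocked)": ("192.168.11.5", "192.168.10.9", "G0/1"),
        "11.0 -> 30.0 (must be allowed)": ("192.168.11.5", "192.168.30.7", "G0/1"),
        "30.0 -> 10.0 (must be allowed)": ("192.168.30.2", "192.168.10.9", "S0/0/0"),
    }
    return {
        name: (forward(ACLS, WRONG_PLACEMENT, *pkt), forward(ACLS, RIGHT_PLACEMENT, *pkt))
        for name, pkt in cases.items()
    }


if __name__ == "__main__":
    for name, (wrong, right) in compare_placements().items():
        print(f"{name:32} wrong: {wrong:34} right: {right}")
```

With the ACL inbound on G0/1, every packet from 192.168.11.0/24 is dropped before the routing lookup, including the legitimate traffic to 192.168.30.0/24, which is the symptom the slide describes. Moving the same ACL to the outbound side of G0/0 leaves the deny in effect only for traffic that is actually heading to 192.168.10.0/24.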
Common Standard IPv4 ACL Errors
Troubleshooting Standard IPv4 ACLs – Example 1
Common Standard IPv4 ACL Errors
Troubleshooting Standard IPv4 ACLs – Example 1 (cont.)
Common Standard IPv4 ACL Errors
Troubleshooting Standard IPv4 ACLs – Example 2
Security Policy: The 192.168.11.0/24 network should not be able to access the 192.168.10.0/24 network.
Common Standard IPv4 ACL Errors
Troubleshooting Standard IPv4 ACLs – Example 2 (cont.)
ACL 20 was applied to the wrong interface and in the wrong direction. All traffic from the 192.168.11.0/24 network is denied inbound access through the G0/1 interface.
Common Standard IPv4 ACL Errors
Troubleshooting Standard IPv4 ACLs – Example 2 (cont.)
Common Standard IPv4 ACL Errors
Troubleshooting Standard IPv4 ACLs – Example 3
Problem
Security Policy: Only PC1 is allowed SSH remote access to R1.
Common Standard IPv4 ACL Errors
Troubleshooting Standard IPv4 ACLs – Example 3 (cont.)
Solution!
Security Policy: Only PC1 is allowed SSH remote access to R1.
7.4 Summary
Chapter Summary
Summary
• Explain how ACLs filter traffic.
• Explain how ACLs use wildcard masks.
• Explain how to create ACLs.
• Explain how to place ACLs.
• Configure standard IPv4 ACLs to filter traffic to meet networking requirements.
• Use sequence numbers to edit existing standard IPv4 ACLs.
• Configure a standard ACL to secure vty access.
• Explain how a router processes packets when an ACL is applied.
• Troubleshoot common standard IPv4 ACL errors using CLI commands.

More Related Content

What's hot

CCNA2 Verson6 Chapter9
CCNA2 Verson6 Chapter9CCNA2 Verson6 Chapter9
CCNA2 Verson6 Chapter9Chaing Ravuth
 
CCNA3 Verson6 Chapter5
CCNA3 Verson6 Chapter5CCNA3 Verson6 Chapter5
CCNA3 Verson6 Chapter5Chaing Ravuth
 
CCNA2 Verson6 Chapter2
CCNA2 Verson6 Chapter2CCNA2 Verson6 Chapter2
CCNA2 Verson6 Chapter2Chaing Ravuth
 
CCNP Switching Chapter 7
CCNP Switching Chapter 7CCNP Switching Chapter 7
CCNP Switching Chapter 7Chaing Ravuth
 
CCNA2 Verson6 Chapter10
CCNA2 Verson6 Chapter10CCNA2 Verson6 Chapter10
CCNA2 Verson6 Chapter10Chaing Ravuth
 
CCNA3 Verson6 Chapter4
CCNA3 Verson6 Chapter4CCNA3 Verson6 Chapter4
CCNA3 Verson6 Chapter4Chaing Ravuth
 
CCNA3 Verson6 Chapter3
CCNA3 Verson6 Chapter3CCNA3 Verson6 Chapter3
CCNA3 Verson6 Chapter3Chaing Ravuth
 
CCNA2 Verson6 Chapter5
CCNA2 Verson6 Chapter5CCNA2 Verson6 Chapter5
CCNA2 Verson6 Chapter5Chaing Ravuth
 
CCNP Switching Chapter 5
CCNP Switching Chapter 5CCNP Switching Chapter 5
CCNP Switching Chapter 5Chaing Ravuth
 
CCNA3 Verson6 Chapter2
CCNA3 Verson6 Chapter2CCNA3 Verson6 Chapter2
CCNA3 Verson6 Chapter2Chaing Ravuth
 
CCNA3 Verson6 Chapter8
CCNA3 Verson6 Chapter8CCNA3 Verson6 Chapter8
CCNA3 Verson6 Chapter8Chaing Ravuth
 
CCNA4 Verson6 Chapter5
CCNA4 Verson6 Chapter5CCNA4 Verson6 Chapter5
CCNA4 Verson6 Chapter5Chaing Ravuth
 
Chapter 18 : routing dynamically
Chapter 18 : routing dynamicallyChapter 18 : routing dynamically
Chapter 18 : routing dynamicallyteknetir
 
CCNA4 Verson6 Chapter3
CCNA4 Verson6 Chapter3CCNA4 Verson6 Chapter3
CCNA4 Verson6 Chapter3Chaing Ravuth
 
CCNA (R & S) Module 04 - Scaling Networks - Chapter 4
CCNA (R & S) Module 04 - Scaling Networks - Chapter 4CCNA (R & S) Module 04 - Scaling Networks - Chapter 4
CCNA (R & S) Module 04 - Scaling Networks - Chapter 4Waqas Ahmed Nawaz
 
CCNP Switching Chapter 9
CCNP Switching Chapter 9CCNP Switching Chapter 9
CCNP Switching Chapter 9Chaing Ravuth
 
CCNA 2 Routing and Switching v5.0 Chapter 5
CCNA 2 Routing and Switching v5.0 Chapter 5CCNA 2 Routing and Switching v5.0 Chapter 5
CCNA 2 Routing and Switching v5.0 Chapter 5Nil Menon
 

What's hot (20)

CCNA2 Verson6 Chapter9
CCNA2 Verson6 Chapter9CCNA2 Verson6 Chapter9
CCNA2 Verson6 Chapter9
 
CCNA3 Verson6 Chapter5
CCNA3 Verson6 Chapter5CCNA3 Verson6 Chapter5
CCNA3 Verson6 Chapter5
 
CCNA2 Verson6 Chapter2
CCNA2 Verson6 Chapter2CCNA2 Verson6 Chapter2
CCNA2 Verson6 Chapter2
 
CCNP Switching Chapter 7
CCNP Switching Chapter 7CCNP Switching Chapter 7
CCNP Switching Chapter 7
 
CCNA2 Verson6 Chapter10
CCNA2 Verson6 Chapter10CCNA2 Verson6 Chapter10
CCNA2 Verson6 Chapter10
 
CCNA3 Verson6 Chapter4
CCNA3 Verson6 Chapter4CCNA3 Verson6 Chapter4
CCNA3 Verson6 Chapter4
 
CCNP ROUTE V7 CH2
CCNP ROUTE V7 CH2CCNP ROUTE V7 CH2
CCNP ROUTE V7 CH2
 
CCNA3 Verson6 Chapter3
CCNA3 Verson6 Chapter3CCNA3 Verson6 Chapter3
CCNA3 Verson6 Chapter3
 
CCNA2 Verson6 Chapter5
CCNA2 Verson6 Chapter5CCNA2 Verson6 Chapter5
CCNA2 Verson6 Chapter5
 
CCNP Switching Chapter 5
CCNP Switching Chapter 5CCNP Switching Chapter 5
CCNP Switching Chapter 5
 
CCNA3 Verson6 Chapter2
CCNA3 Verson6 Chapter2CCNA3 Verson6 Chapter2
CCNA3 Verson6 Chapter2
 
CCNP ROUTE V7 CH8
CCNP ROUTE V7 CH8CCNP ROUTE V7 CH8
CCNP ROUTE V7 CH8
 
CCNP ROUTE V7 CH7
CCNP ROUTE V7 CH7CCNP ROUTE V7 CH7
CCNP ROUTE V7 CH7
 
CCNA3 Verson6 Chapter8
CCNA3 Verson6 Chapter8CCNA3 Verson6 Chapter8
CCNA3 Verson6 Chapter8
 
CCNA4 Verson6 Chapter5
CCNA4 Verson6 Chapter5CCNA4 Verson6 Chapter5
CCNA4 Verson6 Chapter5
 
Chapter 18 : routing dynamically
Chapter 18 : routing dynamicallyChapter 18 : routing dynamically
Chapter 18 : routing dynamically
 
CCNA4 Verson6 Chapter3
CCNA4 Verson6 Chapter3CCNA4 Verson6 Chapter3
CCNA4 Verson6 Chapter3
 
CCNA (R & S) Module 04 - Scaling Networks - Chapter 4
CCNA (R & S) Module 04 - Scaling Networks - Chapter 4CCNA (R & S) Module 04 - Scaling Networks - Chapter 4
CCNA (R & S) Module 04 - Scaling Networks - Chapter 4
 
CCNP Switching Chapter 9
CCNP Switching Chapter 9CCNP Switching Chapter 9
CCNP Switching Chapter 9
 
CCNA 2 Routing and Switching v5.0 Chapter 5
CCNA 2 Routing and Switching v5.0 Chapter 5CCNA 2 Routing and Switching v5.0 Chapter 5
CCNA 2 Routing and Switching v5.0 Chapter 5
 

Similar to CCNA3 Verson6 Chapter7

CCNA (R & S) Module 03 - Routing & Switching Essentials - Chapter 7
CCNA (R & S) Module 03 - Routing & Switching Essentials - Chapter 7CCNA (R & S) Module 03 - Routing & Switching Essentials - Chapter 7
CCNA (R & S) Module 03 - Routing & Switching Essentials - Chapter 7Waqas Ahmed Nawaz
 
CCNAv5 - S2: Chapter 9 Access Control Lists
CCNAv5 - S2: Chapter 9 Access Control ListsCCNAv5 - S2: Chapter 9 Access Control Lists
CCNAv5 - S2: Chapter 9 Access Control ListsVuz Dở Hơi
 
Chapter 09 - Access Control Lists
Chapter 09 - Access Control ListsChapter 09 - Access Control Lists
Chapter 09 - Access Control ListsYaser Rahmati
 
CCNA 2 Routing and Switching v5.0 Chapter 9
CCNA 2 Routing and Switching v5.0 Chapter 9CCNA 2 Routing and Switching v5.0 Chapter 9
CCNA 2 Routing and Switching v5.0 Chapter 9Nil Menon
 
Chapter 20 : access control lists
Chapter 20 : access control listsChapter 20 : access control lists
Chapter 20 : access control liststeknetir
 
CCNA (R & S) Module 02 - Connecting Networks - Chapter 4
CCNA (R & S) Module 02 - Connecting Networks - Chapter 4CCNA (R & S) Module 02 - Connecting Networks - Chapter 4
CCNA (R & S) Module 02 - Connecting Networks - Chapter 4Waqas Ahmed Nawaz
 
CCNA_RSE_Chp7.pptx
CCNA_RSE_Chp7.pptxCCNA_RSE_Chp7.pptx
CCNA_RSE_Chp7.pptxNarcisIlie1
 
cisco-nti-Day19
cisco-nti-Day19cisco-nti-Day19
cisco-nti-Day19eyad alaa
 
CCNA Discovery 3 - Chapter 8
CCNA Discovery 3 - Chapter 8CCNA Discovery 3 - Chapter 8
CCNA Discovery 3 - Chapter 8Irsandi Hasan
 
CCNAv5 - S4: Chapter 4 Frame Relay
CCNAv5 - S4: Chapter 4 Frame RelayCCNAv5 - S4: Chapter 4 Frame Relay
CCNAv5 - S4: Chapter 4 Frame RelayVuz Dở Hơi
 
Cn instructor ppt_chapter4_final
Cn instructor ppt_chapter4_finalCn instructor ppt_chapter4_final
Cn instructor ppt_chapter4_finalLeoo Romo
 
CCNA Exploration 4 - Chapter 5
CCNA Exploration 4 - Chapter 5CCNA Exploration 4 - Chapter 5
CCNA Exploration 4 - Chapter 5Irsandi Hasan
 
CCNA (R & S) Module 03 - Routing & Switching Essentials - Chapter 1
CCNA (R & S) Module 03 - Routing & Switching Essentials - Chapter 1CCNA (R & S) Module 03 - Routing & Switching Essentials - Chapter 1
CCNA (R & S) Module 03 - Routing & Switching Essentials - Chapter 1Waqas Ahmed Nawaz
 
Ccna rse chp7 Access Control List (ACL)
Ccna rse chp7 Access Control List (ACL)Ccna rse chp7 Access Control List (ACL)
Ccna rse chp7 Access Control List (ACL)newbie2019
 
CCNAv5 - S4: Chapter 1 Hierarchical Network Design
CCNAv5 - S4: Chapter 1 Hierarchical Network DesignCCNAv5 - S4: Chapter 1 Hierarchical Network Design
CCNAv5 - S4: Chapter 1 Hierarchical Network DesignVuz Dở Hơi
 
CCNAv5 - S3: Chapter1 Introduction to Scaling Networks
CCNAv5 - S3: Chapter1 Introduction to Scaling NetworksCCNAv5 - S3: Chapter1 Introduction to Scaling Networks
CCNAv5 - S3: Chapter1 Introduction to Scaling NetworksVuz Dở Hơi
 

Similar to CCNA3 Verson6 Chapter7 (20)

CCNA (R & S) Module 03 - Routing & Switching Essentials - Chapter 7
CCNA (R & S) Module 03 - Routing & Switching Essentials - Chapter 7CCNA (R & S) Module 03 - Routing & Switching Essentials - Chapter 7
CCNA (R & S) Module 03 - Routing & Switching Essentials - Chapter 7
 
CCNAv5 - S2: Chapter 9 Access Control Lists
CCNAv5 - S2: Chapter 9 Access Control ListsCCNAv5 - S2: Chapter 9 Access Control Lists
CCNAv5 - S2: Chapter 9 Access Control Lists
 
Chapter 09 - Access Control Lists
Chapter 09 - Access Control ListsChapter 09 - Access Control Lists
Chapter 09 - Access Control Lists
 
CCNA 2 Routing and Switching v5.0 Chapter 9
CCNA 2 Routing and Switching v5.0 Chapter 9CCNA 2 Routing and Switching v5.0 Chapter 9
CCNA 2 Routing and Switching v5.0 Chapter 9
 
Chapter 20 : access control lists
Chapter 20 : access control listsChapter 20 : access control lists
Chapter 20 : access control lists
 
CCNA (R & S) Module 02 - Connecting Networks - Chapter 4
CCNA (R & S) Module 02 - Connecting Networks - Chapter 4CCNA (R & S) Module 02 - Connecting Networks - Chapter 4
CCNA (R & S) Module 02 - Connecting Networks - Chapter 4
 
CCNA_RSE_Chp7.pptx
CCNA_RSE_Chp7.pptxCCNA_RSE_Chp7.pptx
CCNA_RSE_Chp7.pptx
 
cisco-nti-Day19
cisco-nti-Day19cisco-nti-Day19
cisco-nti-Day19
 
Icnd210 s06l01
Icnd210 s06l01Icnd210 s06l01
Icnd210 s06l01
 
CCNA Discovery 3 - Chapter 8
CCNA Discovery 3 - Chapter 8CCNA Discovery 3 - Chapter 8
CCNA Discovery 3 - Chapter 8
 
CCNAv5 - S4: Chapter 4 Frame Relay
CCNAv5 - S4: Chapter 4 Frame RelayCCNAv5 - S4: Chapter 4 Frame Relay
CCNAv5 - S4: Chapter 4 Frame Relay
 
Cn instructor ppt_chapter4_final
Cn instructor ppt_chapter4_finalCn instructor ppt_chapter4_final
Cn instructor ppt_chapter4_final
 
CCNA Exploration 4 - Chapter 5
CCNA Exploration 4 - Chapter 5CCNA Exploration 4 - Chapter 5
CCNA Exploration 4 - Chapter 5
 
ENSA_Module_4.pptx
ENSA_Module_4.pptxENSA_Module_4.pptx
ENSA_Module_4.pptx
 
CCNA (R & S) Module 03 - Routing & Switching Essentials - Chapter 1
CCNA (R & S) Module 03 - Routing & Switching Essentials - Chapter 1CCNA (R & S) Module 03 - Routing & Switching Essentials - Chapter 1
CCNA (R & S) Module 03 - Routing & Switching Essentials - Chapter 1
 
acl configuration
acl configurationacl configuration
acl configuration
 
Ccna rse chp7 Access Control List (ACL)
Ccna rse chp7 Access Control List (ACL)Ccna rse chp7 Access Control List (ACL)
Ccna rse chp7 Access Control List (ACL)
 
CCNAv5 - S4: Chapter 1 Hierarchical Network Design
CCNAv5 - S4: Chapter 1 Hierarchical Network DesignCCNAv5 - S4: Chapter 1 Hierarchical Network Design
CCNAv5 - S4: Chapter 1 Hierarchical Network Design
 
IPv6 ACL
IPv6 ACLIPv6 ACL
IPv6 ACL
 
CCNAv5 - S3: Chapter1 Introduction to Scaling Networks
CCNAv5 - S3: Chapter1 Introduction to Scaling NetworksCCNAv5 - S3: Chapter1 Introduction to Scaling Networks
CCNAv5 - S3: Chapter1 Introduction to Scaling Networks
 

More from Chaing Ravuth

CCNP Switching Chapter 3
CCNP Switching Chapter 3CCNP Switching Chapter 3
CCNP Switching Chapter 3Chaing Ravuth
 
CCNP Switching Chapter 2
CCNP Switching Chapter 2CCNP Switching Chapter 2
CCNP Switching Chapter 2Chaing Ravuth
 
CCNP Switching Chapter 1
CCNP Switching Chapter 1CCNP Switching Chapter 1
CCNP Switching Chapter 1Chaing Ravuth
 
CCNP Switching Chapter 10
CCNP Switching Chapter 10CCNP Switching Chapter 10
CCNP Switching Chapter 10Chaing Ravuth
 
CCNP Switching Chapter 8
CCNP Switching Chapter 8CCNP Switching Chapter 8
CCNP Switching Chapter 8Chaing Ravuth
 
CCNP Switching Chapter 6
CCNP Switching Chapter 6CCNP Switching Chapter 6
CCNP Switching Chapter 6Chaing Ravuth
 
CCNP Switching Chapter 4
CCNP Switching Chapter 4CCNP Switching Chapter 4
CCNP Switching Chapter 4Chaing Ravuth
 
CCNA4 Verson6 Chapter8
CCNA4 Verson6 Chapter8CCNA4 Verson6 Chapter8
CCNA4 Verson6 Chapter8Chaing Ravuth
 
CCNA4 Verson6 Chapter7
CCNA4 Verson6 Chapter7CCNA4 Verson6 Chapter7
CCNA4 Verson6 Chapter7Chaing Ravuth
 

More from Chaing Ravuth (14)

CCNP ROUTE V7 CH6
CCNP ROUTE V7 CH6CCNP ROUTE V7 CH6
CCNP ROUTE V7 CH6
 
CCNP ROUTE V7 CH5
CCNP ROUTE V7 CH5CCNP ROUTE V7 CH5
CCNP ROUTE V7 CH5
 
CCNP ROUTE V7 CH4
CCNP ROUTE V7 CH4CCNP ROUTE V7 CH4
CCNP ROUTE V7 CH4
 
CCNP ROUTE V7 CH3
CCNP ROUTE V7 CH3CCNP ROUTE V7 CH3
CCNP ROUTE V7 CH3
 
CCNP ROUTE V7 CH1
CCNP ROUTE V7 CH1CCNP ROUTE V7 CH1
CCNP ROUTE V7 CH1
 
CCNP Switching Chapter 3
CCNP Switching Chapter 3CCNP Switching Chapter 3
CCNP Switching Chapter 3
 
CCNP Switching Chapter 2
CCNP Switching Chapter 2CCNP Switching Chapter 2
CCNP Switching Chapter 2
 
CCNP Switching Chapter 1
CCNP Switching Chapter 1CCNP Switching Chapter 1
CCNP Switching Chapter 1
 
CCNP Switching Chapter 10
CCNP Switching Chapter 10CCNP Switching Chapter 10
CCNP Switching Chapter 10
 
CCNP Switching Chapter 8
CCNP Switching Chapter 8CCNP Switching Chapter 8
CCNP Switching Chapter 8
 
CCNP Switching Chapter 6
CCNP Switching Chapter 6CCNP Switching Chapter 6
CCNP Switching Chapter 6
 
CCNP Switching Chapter 4
CCNP Switching Chapter 4CCNP Switching Chapter 4
CCNP Switching Chapter 4
 
CCNA4 Verson6 Chapter8
CCNA4 Verson6 Chapter8CCNA4 Verson6 Chapter8
CCNA4 Verson6 Chapter8
 
CCNA4 Verson6 Chapter7
CCNA4 Verson6 Chapter7CCNA4 Verson6 Chapter7
CCNA4 Verson6 Chapter7
 

Recently uploaded

Mental Health Awareness - a toolkit for supporting young minds
Mental Health Awareness - a toolkit for supporting young mindsMental Health Awareness - a toolkit for supporting young minds
Mental Health Awareness - a toolkit for supporting young mindsPooky Knightsmith
 
31 ĐỀ THI THỬ VÀO LỚP 10 - TIẾNG ANH - FORM MỚI 2025 - 40 CÂU HỎI - BÙI VĂN V...
31 ĐỀ THI THỬ VÀO LỚP 10 - TIẾNG ANH - FORM MỚI 2025 - 40 CÂU HỎI - BÙI VĂN V...31 ĐỀ THI THỬ VÀO LỚP 10 - TIẾNG ANH - FORM MỚI 2025 - 40 CÂU HỎI - BÙI VĂN V...
31 ĐỀ THI THỬ VÀO LỚP 10 - TIẾNG ANH - FORM MỚI 2025 - 40 CÂU HỎI - BÙI VĂN V...Nguyen Thanh Tu Collection
 
Narcotic and Non Narcotic Analgesic..pdf
Narcotic and Non Narcotic Analgesic..pdfNarcotic and Non Narcotic Analgesic..pdf
Narcotic and Non Narcotic Analgesic..pdfPrerana Jadhav
 
Textual Evidence in Reading and Writing of SHS
Textual Evidence in Reading and Writing of SHSTextual Evidence in Reading and Writing of SHS
Textual Evidence in Reading and Writing of SHSMae Pangan
 
Measures of Position DECILES for ungrouped data
Measures of Position DECILES for ungrouped dataMeasures of Position DECILES for ungrouped data
Measures of Position DECILES for ungrouped dataBabyAnnMotar
 
Oppenheimer Film Discussion for Philosophy and Film
Oppenheimer Film Discussion for Philosophy and FilmOppenheimer Film Discussion for Philosophy and Film
Oppenheimer Film Discussion for Philosophy and FilmStan Meyer
 
Multi Domain Alias In the Odoo 17 ERP Module
Multi Domain Alias In the Odoo 17 ERP ModuleMulti Domain Alias In the Odoo 17 ERP Module
Multi Domain Alias In the Odoo 17 ERP ModuleCeline George
 
Reading and Writing Skills 11 quarter 4 melc 1
Reading and Writing Skills 11 quarter 4 melc 1Reading and Writing Skills 11 quarter 4 melc 1
Reading and Writing Skills 11 quarter 4 melc 1GloryAnnCastre1
 
Blowin' in the Wind of Caste_ Bob Dylan's Song as a Catalyst for Social Justi...
Blowin' in the Wind of Caste_ Bob Dylan's Song as a Catalyst for Social Justi...Blowin' in the Wind of Caste_ Bob Dylan's Song as a Catalyst for Social Justi...
Blowin' in the Wind of Caste_ Bob Dylan's Song as a Catalyst for Social Justi...DhatriParmar
 
ClimART Action | eTwinning Project
ClimART Action    |    eTwinning ProjectClimART Action    |    eTwinning Project
ClimART Action | eTwinning Projectjordimapav
 
Using Grammatical Signals Suitable to Patterns of Idea Development
Using Grammatical Signals Suitable to Patterns of Idea DevelopmentUsing Grammatical Signals Suitable to Patterns of Idea Development
Using Grammatical Signals Suitable to Patterns of Idea Developmentchesterberbo7
 
How to Make a Duplicate of Your Odoo 17 Database
How to Make a Duplicate of Your Odoo 17 DatabaseHow to Make a Duplicate of Your Odoo 17 Database
How to Make a Duplicate of Your Odoo 17 DatabaseCeline George
 
Q4-PPT-Music9_Lesson-1-Romantic-Opera.pptx
Q4-PPT-Music9_Lesson-1-Romantic-Opera.pptxQ4-PPT-Music9_Lesson-1-Romantic-Opera.pptx
Q4-PPT-Music9_Lesson-1-Romantic-Opera.pptxlancelewisportillo
 
BIOCHEMISTRY-CARBOHYDRATE METABOLISM CHAPTER 2.pptx
BIOCHEMISTRY-CARBOHYDRATE METABOLISM CHAPTER 2.pptxBIOCHEMISTRY-CARBOHYDRATE METABOLISM CHAPTER 2.pptx
BIOCHEMISTRY-CARBOHYDRATE METABOLISM CHAPTER 2.pptxSayali Powar
 
week 1 cookery 8 fourth - quarter .pptx
week 1 cookery 8  fourth  -  quarter .pptxweek 1 cookery 8  fourth  -  quarter .pptx
week 1 cookery 8 fourth - quarter .pptxJonalynLegaspi2
 
Transaction Management in Database Management System
Transaction Management in Database Management SystemTransaction Management in Database Management System
Transaction Management in Database Management SystemChristalin Nelson
 
How to Fix XML SyntaxError in Odoo the 17
How to Fix XML SyntaxError in Odoo the 17How to Fix XML SyntaxError in Odoo the 17
How to Fix XML SyntaxError in Odoo the 17Celine George
 
INTRODUCTION TO CATHOLIC CHRISTOLOGY.pptx
INTRODUCTION TO CATHOLIC CHRISTOLOGY.pptxINTRODUCTION TO CATHOLIC CHRISTOLOGY.pptx
INTRODUCTION TO CATHOLIC CHRISTOLOGY.pptxHumphrey A Beña
 
Team Lead Succeed – Helping you and your team achieve high-performance teamwo...
Team Lead Succeed – Helping you and your team achieve high-performance teamwo...Team Lead Succeed – Helping you and your team achieve high-performance teamwo...
Team Lead Succeed – Helping you and your team achieve high-performance teamwo...Association for Project Management
 

Recently uploaded (20)

Mental Health Awareness - a toolkit for supporting young minds
Mental Health Awareness - a toolkit for supporting young mindsMental Health Awareness - a toolkit for supporting young minds
Mental Health Awareness - a toolkit for supporting young minds
 
31 ĐỀ THI THỬ VÀO LỚP 10 - TIẾNG ANH - FORM MỚI 2025 - 40 CÂU HỎI - BÙI VĂN V...
31 ĐỀ THI THỬ VÀO LỚP 10 - TIẾNG ANH - FORM MỚI 2025 - 40 CÂU HỎI - BÙI VĂN V...31 ĐỀ THI THỬ VÀO LỚP 10 - TIẾNG ANH - FORM MỚI 2025 - 40 CÂU HỎI - BÙI VĂN V...
31 ĐỀ THI THỬ VÀO LỚP 10 - TIẾNG ANH - FORM MỚI 2025 - 40 CÂU HỎI - BÙI VĂN V...
 
Narcotic and Non Narcotic Analgesic..pdf
Narcotic and Non Narcotic Analgesic..pdfNarcotic and Non Narcotic Analgesic..pdf
Narcotic and Non Narcotic Analgesic..pdf
 
Textual Evidence in Reading and Writing of SHS
Textual Evidence in Reading and Writing of SHSTextual Evidence in Reading and Writing of SHS
Textual Evidence in Reading and Writing of SHS
 
Measures of Position DECILES for ungrouped data
Measures of Position DECILES for ungrouped dataMeasures of Position DECILES for ungrouped data
Measures of Position DECILES for ungrouped data
 
Oppenheimer Film Discussion for Philosophy and Film
Oppenheimer Film Discussion for Philosophy and FilmOppenheimer Film Discussion for Philosophy and Film
Oppenheimer Film Discussion for Philosophy and Film
 
Multi Domain Alias In the Odoo 17 ERP Module
CCNA3 Version6 Chapter7
• 7. Purpose of ACLs: ACL Operation
• 8. Wildcard Masks in ACLs: Introducing ACL Wildcard Masking
• 9. Wildcard Masks in ACLs: Introducing ACL Wildcard Masking (cont.), Example
• 10. Wildcard Masks in ACLs: Wildcard Mask Examples
• 11. Wildcard Masks in ACLs: Wildcard Mask Examples (cont.)
• 12. Wildcard Masks in ACLs: Calculating the Wildcard Mask
  • Calculating wildcard masks can be challenging. One shortcut is to subtract the subnet mask from 255.255.255.255.
• 13. Wildcard Masks in ACLs: Wildcard Mask Keywords
• 14. Wildcard Masks in ACLs: Wildcard Mask Keyword Examples
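Slides 8 to 14 show wildcard masking only in figures. As an added example (not part of the Cisco material), the following Python computes a wildcard mask both by the 255.255.255.255 subtraction shortcut from slide 12 and bitwise, and implements the test an ACE actually performs: a 0 bit in the wildcard means the packet's bit must equal the ACE address bit, a 1 bit means that bit is ignored. It also shows why the `host` and `any` keywords are just the wildcards 0.0.0.0 and 255.255.255.255, and goes a step beyond the slides with two non-contiguous masks (one ACE summarizing an aligned block of /24s, and the odd-subnet trick). Every address in it is constructed for the example.

```python
"""Wildcard-mask arithmetic for Cisco standard ACLs.

Added example, not from the Cisco slides. All addresses are constructed.
"""
import ipaddress

ALL_ONES = 0xFFFFFFFF


def _ip(dotted: str) -> int:
    return int(ipaddress.IPv4Address(dotted))


def _dotted(value: int) -> str:
    return str(ipaddress.IPv4Address(value))


def wildcard_from_mask(subnet_mask: str) -> str:
    """The slide's shortcut: 255.255.255.255 minus the subnet mask."""
    return _dotted(ALL_ONES - _ip(subnet_mask))


def wildcard_from_prefix(prefix_len: int) -> str:
    """The same thing done bitwise: the complement of the /N netmask.
    Subtraction and complement agree because a netmask is contiguous ones
    followed by zeros, so no octet ever borrows from its neighbour."""
    netmask = int(ipaddress.IPv4Network(f"0.0.0.0/{prefix_len}").netmask)
    return _dotted(ALL_ONES ^ netmask)


def shortcut_matches_complement() -> bool:
    """Sanity check: both methods give the same wildcard for every prefix."""
    for n in range(33):
        mask = str(ipaddress.IPv4Network(f"0.0.0.0/{n}").netmask)
        if wildcard_from_mask(mask) != wildcard_from_prefix(n):
            return False
    return True


def matches(packet_source: str, ace_source: str, wildcard: str) -> bool:
    """The comparison an ACE performs on a packet's source address.

    Wildcard bit 0: the packet bit must equal the ACE address bit.
    Wildcard bit 1: the bit is ignored.
    So XOR the two addresses and require every 'care' bit to be zero."""
    care = ALL_ONES ^ _ip(wildcard)
    return (_ip(packet_source) ^ _ip(ace_source)) & care == 0


# Keyword equivalents from the slides.
def host(address: str) -> tuple[str, str]:
    """'host 192.168.10.10' is shorthand for '192.168.10.10 0.0.0.0'."""
    return address, "0.0.0.0"


ANY = ("0.0.0.0", "255.255.255.255")   # 'any': no bit has to match


def summarize_block(first_network: str, last_network: str,
                    prefix_len: int) -> tuple[str, str]:
    """Wildcard covering an aligned run of equal-size subnets in one ACE.

    E.g. 192.168.16.0/24 .. 192.168.31.0/24 -> 192.168.16.0 0.0.15.255.
    The bits that differ between first and last network become 'ignore'
    bits, as do the host bits. Only valid for aligned power-of-two runs."""
    host_bits = ALL_ONES >> prefix_len
    diff = _ip(first_network) ^ _ip(last_network)
    return first_network, _dotted(diff | host_bits)


if __name__ == "__main__":
    print(wildcard_from_mask("255.255.255.252"))                # 0.0.0.3
    print(summarize_block("192.168.16.0", "192.168.31.0", 24))  # ('192.168.16.0', '0.0.15.255')
    # Non-contiguous wildcard: 0.0.254.255 ignores every bit of the third
    # octet except the lowest, so it matches only odd-numbered /24s.
    print(matches("192.168.3.9", "192.168.1.0", "0.0.254.255"))  # True
    print(matches("192.168.4.9", "192.168.1.0", "0.0.254.255"))  # False
```

The subtraction shortcut only works because a subnet mask is contiguous; for a non-contiguous wildcard such as 0.0.254.255 there is no subnet mask to subtract, and the bitwise reading is the only way to predict what the ACE matches.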
• 15. Guidelines for ACL Creation: General Guidelines for Creating ACLs
• 16. Guidelines for ACL Creation: ACL Best Practices
• 17. Guidelines for ACL Placement: Where to Place ACLs
• 18. Guidelines for ACL Placement: Where to Place ACLs (cont.)
  • Every ACL should be placed where it has the greatest impact on efficiency. The basic rules are:
  • Extended ACLs: locate them as close as possible to the source of the traffic to be filtered, so unwanted traffic is dropped before it crosses the network.
  • Standard ACLs: because they filter on source address only and do not specify destination addresses, place them as close to the destination as possible. Placed near the source, a standard ACL would also block that source's traffic to every other destination.
  • Placement, and therefore the type of ACL used, may also depend on the extent of the network administrator's control, the bandwidth of the networks involved, and ease of configuration.
• 19. Guidelines for ACL Placement: Standard ACL Placement
  • The administrator wants to prevent traffic originating in the 192.168.10.0/24 network from reaching the 192.168.30.0/24 network.
• 20. 7.2 Standard IPv4 ACLs
• 21. Configure Standard IPv4 ACLs: Numbered Standard IPv4 ACL Syntax
  • Router(config)# access-list access-list-number { deny | permit | remark } source [ source-wildcard ] [ log ]
• 22. Configure Standard IPv4 ACLs: Applying Standard IPv4 ACLs to Interfaces
• 23. Configure Standard IPv4 ACLs: Applying Standard IPv4 ACLs to Interfaces (cont.)
• 24. Configure Standard IPv4 ACLs: Numbered Standard IPv4 ACL Examples
• 25. Configure Standard IPv4 ACLs: Numbered Standard IPv4 ACL Examples (cont.)
• 26. Configure Standard IPv4 ACLs: Named Standard IPv4 ACL Syntax
• 27. Configure Standard IPv4 ACLs: Named Standard IPv4 ACL Syntax (cont.)
• 28. Modify IPv4 ACLs: Method 1, Use a Text Editor
• 29. Modify IPv4 ACLs: Method 2, Use Sequence Numbers
• 30. Modify IPv4 ACLs: Editing Standard Named ACLs
• 31. Modify IPv4 ACLs: Verifying ACLs
• 32. Modify IPv4 ACLs: ACL Statistics
• 33. Securing VTY Ports with a Standard IPv4 ACL: The access-class Command
  • The access-class command, configured in line configuration mode, restricts incoming and outgoing connections between a particular VTY (into a Cisco device) and the addresses in an access list.
• 34. Securing VTY Ports with a Standard IPv4 ACL: Verifying the VTY Port is Secured
• 35. 7.3 Troubleshoot ACLs
• 36. Processing Packets with ACLs: The Implicit Deny Any
  • Every ACL ends with an implicit deny any that does not appear in the configuration, so at least one permit ACE must be configured in an ACL or all traffic is blocked.
  • For the network in the figure, applying either ACL 1 or ACL 2 to the S0/0/0 interface of R1 in the outbound direction will have the same effect.
• 37. Processing Packets with ACLs: The Order of ACEs in an ACL
• 38. Processing Packets with ACLs: The Order of ACEs in an ACL (cont.)
• 39. Processing Packets with ACLs: Cisco IOS Reorders Standard ACLs
  • Notice that the statements are listed in a different order than they were entered.
• 40. Processing Packets with ACLs: Cisco IOS Reorders Standard ACLs (cont.)
  • The order in which the standard ACEs are listed is the sequence used by the IOS to process the list.
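As an added example (not Cisco's code), the following Python evaluates a numbered standard ACL the way slides 36 to 40 describe: top-down, first match wins, implicit deny any at the end. It parses the `access-list` syntax from slide 21, including the `host` and `any` keywords and the optional `log`, and goes one step beyond the slides with a check for ACEs that can never match because an earlier ACE already covers them. Because IOS processes ACEs in the order it lists them (slide 40), which may differ from the order typed, the simulator expects the lines as `show access-lists` would display them. The configuration and addresses are constructed for the example; ACL 21 stands in for the vty restriction of example 3, where `access-class` evaluates the connecting host's source address in exactly the same way.

```python
"""First-match evaluation of Cisco numbered standard IPv4 ACLs.

Added example, not Cisco's code. Parses
    access-list <number> {permit|deny|remark} <source> [<wildcard>] [log]
plus 'host' and 'any', evaluates a source address top-down, and applies the
implicit 'deny any' that IOS never displays. Feed it ACEs in the order
'show access-lists' lists them, which is the order IOS processes them.
"""
from dataclasses import dataclass
import ipaddress

ALL_ONES = 0xFFFFFFFF


@dataclass(frozen=True)
class Ace:
    action: str     # 'permit' or 'deny'
    source: int     # ACE address as an integer
    wildcard: int   # wildcard bits: 0 = must match, 1 = ignored
    text: str       # the configuration line, for reporting


def _ip(dotted: str) -> int:
    return int(ipaddress.IPv4Address(dotted))


def parse_standard_acl(config: str, number: int) -> list[Ace]:
    """Collect the ACEs of one numbered ACL in listed order.
    Remarks are skipped; a trailing 'log' keyword is accepted and ignored."""
    aces: list[Ace] = []
    for raw in config.splitlines():
        tokens = raw.split()
        if len(tokens) < 4 or tokens[:2] != ["access-list", str(number)]:
            continue
        action = tokens[2]
        if action == "remark":
            continue
        if action not in ("permit", "deny"):
            raise ValueError(f"unknown action in line: {raw.strip()!r}")
        args = [t for t in tokens[3:] if t != "log"]
        if args[0] == "any":
            source, wildcard = 0, ALL_ONES
        elif args[0] == "host":
            source, wildcard = _ip(args[1]), 0
        else:
            # A bare address with no wildcard means 0.0.0.0: a single host.
            source = _ip(args[0])
            wildcard = _ip(args[1]) if len(args) > 1 else 0
        aces.append(Ace(action, source, wildcard, raw.strip()))
    return aces


def evaluate(aces: list[Ace], packet_source: str) -> tuple[str, str]:
    """Return (action, matching line). The first match wins; with no match
    the packet hits the implicit deny any at the end of every ACL."""
    addr = _ip(packet_source)
    for ace in aces:
        if (addr ^ ace.source) & (ALL_ONES ^ ace.wildcard) == 0:
            return ace.action, ace.text
    return "deny", "implicit deny any"


def unreachable(aces: list[Ace]) -> list[str]:
    """Lines that can never match because a single earlier ACE already
    covers every address they cover. (An ACE shadowed only by the union
    of several earlier ACEs is not detected.)"""
    shadowed = []
    for j, later in enumerate(aces):
        care_later = ALL_ONES ^ later.wildcard
        for earlier in aces[:j]:
            care_earlier = ALL_ONES ^ earlier.wildcard
            # earlier fixes only bits later also fixes, with the same values
            fixes_subset = (care_earlier & ~care_later & ALL_ONES) == 0
            same_bits = ((earlier.source ^ later.source) & care_earlier) == 0
            if fixes_subset and same_bits:
                shadowed.append(later.text)
                break
    return shadowed


# Constructed running-config excerpt (not from the slides).
CONFIG = """
access-list 1 deny 192.168.10.0 0.0.0.255
!
access-list 10 permit 192.168.0.0 0.0.255.255
access-list 10 deny 192.168.10.0 0.0.0.255
!
access-list 11 deny 192.168.10.0 0.0.0.255
access-list 11 permit 192.168.0.0 0.0.255.255
!
access-list 21 remark only PC1 may open a vty session
access-list 21 permit host 192.168.10.10 log
"""


def decisions(number: int, sources: list[str]) -> dict[str, str]:
    """Action taken on each source address by ACL <number>."""
    aces = parse_standard_acl(CONFIG, number)
    return {s: evaluate(aces, s)[0] for s in sources}


def unreachable_in(number: int) -> list[str]:
    return unreachable(parse_standard_acl(CONFIG, number))


if __name__ == "__main__":
    # ACL 1 has no permit, so the implicit deny any blocks everything.
    print(decisions(1, ["192.168.10.5", "192.168.11.5"]))
    # ACL 10: the broad permit is first, so the deny below it never fires.
    print(decisions(10, ["192.168.10.5"]), unreachable_in(10))
    # ACL 11: same two ACEs, specific deny first, so it works as intended.
    print(decisions(11, ["192.168.10.5", "192.168.20.5"]))
    # ACL 21 applied with 'access-class 21 in' on the vty lines: only PC1.
    print(decisions(21, ["192.168.10.10", "192.168.10.11"]))
```

The `unreachable` check is the part worth keeping in a review script: an ACE that is fully covered by an earlier one is either dead configuration or, as in ACL 10, a sign that a specific deny was written after the broad permit that was meant to follow it.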
• 41. Processing Packets with ACLs: Routing Processes and ACLs
  • As a frame enters an interface, the router checks whether the destination Layer 2 address matches the interface's Layer 2 address, or whether the frame is a broadcast frame.
  • If the frame is accepted, the Layer 2 header is stripped off and the router checks for an ACL on the inbound interface.
  • If an ACL exists, the packet is tested against the statements in the list. If the packet matches a statement, it is either permitted or denied.
  • If the packet is accepted, it is then checked against routing table entries to determine the outgoing interface.
  • If a routing table entry exists for the destination, the packet is switched to the outgoing interface; otherwise the packet is dropped.
  • Next, the router checks whether the outgoing interface has an ACL. If an ACL exists, the packet is tested against the statements in the list, and if it matches a statement it is either permitted or denied.
  • If there is no ACL or the packet is permitted, the packet is encapsulated in the new Layer 2 protocol and forwarded out the interface to the next device.
• 42. Common Standard IPv4 ACL Errors: Troubleshooting Standard IPv4 ACLs, Example 1
• 43. Common Standard IPv4 ACL Errors: Troubleshooting Standard IPv4 ACLs, Example 1 (cont.)
• 44. Common Standard IPv4 ACL Errors: Troubleshooting Standard IPv4 ACLs, Example 2
  • Security policy: the 192.168.11.0/24 network should not be able to access the 192.168.10.0/24 network.
• 45. Common Standard IPv4 ACL Errors: Troubleshooting Standard IPv4 ACLs, Example 2 (cont.)
  • ACL 20 was applied to the wrong interface and in the wrong direction. All traffic from the 192.168.11.0/24 network is denied inbound access through the G0/1 interface. Because a standard ACL matches on source address only, applying it inbound where that network enters the router blocks its traffic to every destination, not only to 192.168.10.0/24.
• 46. Common Standard IPv4 ACL Errors: Troubleshooting Standard IPv4 ACLs, Example 2 (cont.)
• 47. Common Standard IPv4 ACL Errors: Troubleshooting Standard IPv4 ACLs, Example 3, Problem
  • Security policy: only PC1 is allowed SSH remote access to R1.
• 48. Common Standard IPv4 ACL Errors: Troubleshooting Standard IPv4 ACLs, Example 3 (cont.), Solution
  • Security policy: only PC1 is allowed SSH remote access to R1.
• 49. 7.4 Summary
• 50. Chapter Summary
  • Explain how ACLs filter traffic.
  • Explain how ACLs use wildcard masks.
  • Explain how to create ACLs.
  • Explain how to place ACLs.
  • Configure standard IPv4 ACLs to filter traffic to meet networking requirements.
  • Use sequence numbers to edit existing standard IPv4 ACLs.
  • Configure a standard ACL to secure vty access.
  • Explain how a router processes packets when an ACL is applied.
  • Troubleshoot common standard IPv4 ACL errors using CLI commands.