Securing with access lists

• Egress and Ingress filtering

  • IP
    access-list 4 permit 208.224.122.73
    
    access-list 4 permit 216.226.223.158
  • IP EXTEND
    access-list 110 deny ip host 0.0.0.0 any
    
    access-list 110 deny ip 10.0.0.0 0.255.255.255 any
    access-list 110 deny ip 172.16.0.0 0.15.255.255 any
    access-list 110 deny ip 192.168.0.0 0.0.0.255 any
    access-list 110 deny ip 205.224.122.0 0.0.0.255 any
    access-list 110 deny ip 127.0.0.0 0.0.0.255 any
    access-list 110 deny tcp any host 205.224.122.3 eq telnet
    access-list 110 deny tcp any host 205.224.122.3 eq www
    access-list 110 deny tcp any host 205.224.122.3 eq finger
    access-list 110 deny tcp any host 205.224.122.1 eq ftp
    access-list 110 permit ip any any
    access-list 110 permit tcp any any
  • Apply it to interface
    ip access-group 110 in (serial Interface)
    
    access-class 4 in (vty)

Previous slide

Next slide

Back to first slide

View graphic version