Network & Security Engineering
  • My Training Course
  • Network Engineering
    • CompTIA Network+
      • OSI Model: Layers 1-7 (Functions & Devices)
      • TCP/IP Model: Layers & Protocols
      • Encapsulation & De-encapsulation Process in Networking
      • Star, Mesh, Bus, Ring, Hybrid
      • LAN, WAN, WLAN, MAN, CAN, PAN
      • IPv4 Addressing & Classes
      • CIDR Notation & Subnet Masks
      • Private vs. Public IPs
      • Common TCP & UDP Ports
      • Twisted Pair (CAT5e, CAT6, CAT7, etc.)
      • Fiber Optic Cables
      • Ethernet Frame Structure
      • Switches
      • Router
      • Traceroute Test
      • Setting Up a Wireless Network in Cisco Packet Tracer
    • CCNA
      • Cisco Systems History
      • Cisco Certification Roadmap
      • Cisco Router Port Naming
      • Configuring Hostname, Passwords, and Banners in GNS3
      • Setting Router Clocks in Cisco Devices
      • Assigning IP Addresses to Interfaces
      • How to Back Up and Restore Router Configurations with TFTP
      • SSH Configuration on a Cisco Router
      • Configuring Static Routes on Routers
      • Configuring RIP v2 and Verifying Routes
      • Configuring EIGRP
      • Implementing Single-Area OSPF
      • Implementing Multiple OSPF Areas
      • Troubleshooting with show ip route
      • Configuring Standard ACLs in Cisco Routers
      • Getting Internet in GNS3 using a Cisco Router
      • Securing Remote Management and Disabling Unnecessary Services
      • Setting up a DHCP Server on a Cisco Router
      • Creating VLANs and Assigning Ports
      • Blackhole VLAN
      • Configuring 802.1Q Trunking
      • Configuring SSH on a Cisco Switch
      • Configuring Router-on-a-stick (ROAS) for VLANs
      • Setting up Syslog for Network Monitoring
      • Serial Point-to-Point Overview
      • Point-to-Multipoint OSPF in Metro Ethernet WAN Network
      • Frame Relay Configuration
    • CCNP
      • OSPF Single Area Configuration
      • OSPF Multi-Area Configuration
    • GNS3
      • About GNS3
      • GNS3 Architecture
      • Windows Installation
      • Linux Installation
      • Cisco IOS images for Dynamips
      • Add Router IOS Image in GNS3
      • Add a Virtual Machine in GNS3
      • Upgrade The GNS3 VM
      • L2 Switching Simulation
      • L3 switching Simulation
      • Lab 01 : Connect 2 PCs
      • Lab 02 : Configuring Ethernet and Serial Interfaces
      • Lab 03 : Basic switch setup
      • Lab 04 : Basic router setup
      • Lab 05 : Connect Router to Cloud in GNS3
      • Lab 06 : Router Remote Access via Telnet
      • Lab 07 : Configure Static Route in GNS3
      • Lab 08 : Syslog Server for Cisco Router in GNS3
      • Lab 09 : DHCP configuration in GNS3
      • Lab 10 : PPP Configuration
      • Lab 11 : Configuring Switch Security Features
    • MTCNA
      • Module 1 : Introduction
        • History
        • Cisco vs. MikroTik
        • Training Programs
        • MikroTik RouterOS
        • MikroTik RouterBOARD
        • Product Categories
        • Product Naming
        • First Time Access
        • Winbox
        • Default Configuration
        • Neighbor Discovery
        • Command Line Interface
        • Router Identity
        • Upgrading RouterOS
        • Package Management
        • Users and Services
        • Reset Configuration
        • RouterOS Licensing
      • Module 2 : DHCP
        • Overview of DHCP
        • DHCP Client
        • DHCP Server
        • RouterOS ARP table
      • Module 3 : Bridging
        • OSI Model
        • Overview of Bridging
      • Module 4 : Routing
        • IP Addressing
        • Routing Concepts
        • Static routing
      • Module 5 : Wireless
        • Basics of Radio Waves
        • Wireless Agencies
        • 802.11a/b/g/n/ac Concepts
        • Setup a simple wireless link
        • Link Budget Calculation
        • Wireless Network Topologies
        • 2.4 GHz Band
        • 5 GHz Band
      • Module 6 : Firewall
        • Firewall Principles
        • Firewall (Input Chain)
      • Module 7 : QoS
        • Quality of Service
  • Network Administrator
    • Linux Commands
      • The ls command
      • The cd command
      • The cat command
      • The head command
      • The tail command
      • The pwd command
      • The touch Command
      • The cal Command
      • The uname command
      • The mkdir command
      • The gzip command
      • The who command
      • The man command
      • The passwd command
      • The w command
      • The whoami command
      • The cp command
    • Windows Server 2012
      • Windows Server 2012 - Home
      • Installation
      • Server Roles
      • PowerShell
      • Windows Firewall
      • Remote Desktop Management
      • Resource Monitor
      • Active Directory
      • Group Policy Overview
      • DC Accounts
      • DHCP Role
      • DNS Role
      • Primary Zones
      • Manage Records
      • IIS Overview
      • IIS Security
      • Sharing of Files
      • Print Server
    • VMware Workstation
      • Install VMware Workstation on Windows
      • Customize Network Settings in VMware Workstation
      • Install VMware Tools on Windows and Windows Server VMs
      • Configure Autologin for a Windows VM on VMware Workstation
      • Lab 01 - Install Windows 7 on a VMware Workstation
      • Lab 02 - Install CentOS 8 on a VMware Workstation
      • Lab 03 - Install Kali Linux on VMware Workstation
      • Lab 04 - Install The Mikrotik CHR On VMware Workstation​
      • Lab 05 - Install Ubuntu in VMware Workstation
      • Lab 06 - Installing GNS3 VM on VMware Workstation
      • Lab 07 - Install Windows Server 2012 R2 on VMWare Workstation
      • Lab 08 - Install Windows 10 in VMware Workstation
    • LPIC-1
      • 101.1 Determine and configure hardware settings
  • Security Engineering
    • Practical Packet Analysis
      • Network Traffic Analysis with Wireshark in GNS3
      • Echo Requests and Responses
      • Dynamic Host Configuration Protocol
      • Cisco Discovery Protocol
      • Routing Information Protocol
    • PRTG Network Monitoring
      • Overview of PRTG Network Monitor
      • Internet Uptime/Availability Monitoring
      • Configuring SNMP v2 on Cisco Devices
    • Classical Ciphers
      • Caesar Cipher
      • Atbash Cipher
      • Vigenère Cipher
      • Affine Cipher
      • Hill Cipher
      • Rail Fence Cipher
      • Scytale Cipher
      • Bacon's Cipher
      • Beaufort Cipher
      • ROT13
      • Gronsfeld Cipher
  • Web Development
    • HTML
      • What is HTML?
      • Basic HTML Structure
      • Headings and Paragraphs
      • Text Formatting Tags
      • Working with Links
      • Adding Images to a Webpage
      • Embedding Videos and Audio
      • Creating Lists
      • Building Tables
      • HTML Forms
Powered by GitBook
On this page
  • Introduction to Standard ACLs
  • Step 1: Lab Topology in GNS3
  • Step 2: GNS3 Device Configuration
  • Step 3: Configuring Standard ACL on Router1
  • Step 4: Verifying the Configuration
  • Keywords
  1. Network Engineering
  2. CCNA

Configuring Standard ACLs in Cisco Routers

Nerd cafe

PreviousTroubleshooting with show ip routeNextGetting Internet in GNS3 using a Cisco Router

Last updated 1 month ago

Introduction to Standard ACLs

Access Control Lists (ACLs) in Cisco routers are used to filter traffic based on defined rules. A Standard ACL is a simple form of ACL that filters traffic based on source IP addresses only. It does not consider destination IP or other criteria.

In this guide, we will:

  1. Understand the concept of Standard ACLs

  2. Set up a practical GNS3 lab scenario

  3. Configure Standard ACLs step by step

  4. Test and verify the configuration

Step 1: Lab Topology in GNS3

We will simulate a small network using 1 router, 1 switch and 2 PCs.

Network Topology:

Objective:

  • Allow PC1 (192.168.1.100) to access Router (R1).

  • Deny PC2 (192.168.1.200) from reaching Router (R1).

Step 2: GNS3 Device Configuration

Assign IP addresses to the interfaces of Router (R1)

R1#configure terminal
R1(config)#interface fastEthernet 0/0
R1(config-if)#ip address 192.168.1.1 255.255.255.0
R1(config-if)#no shutdown

Step 3: Configuring Standard ACL on Router1

Create an ACL to allow PC1 and deny PC2

R1(config)#access-list 10 permit 192.168.1.100 0.0.0.0
R1(config)#access-list 10 deny 192.168.1.200 0.0.0.0
R1(config)#access-list 10 permit any

Explanation:

  • access-list 10 permit 192.168.1.100 0.0.0.0 → Allows PC1 to communicate

  • access-list 10 deny 192.168.1.200 0.0.0.0 → Blocks PC2 from communication

  • access-list 10 permit any → Ensures all other traffic is allowed

Apply the ACL to the interface

R1(config)#interface fastEthernet 0/0
R1(config-if)#ip access-group 10 in

Explanation:

  • ip access-group 10 in → Applies ACL 10 to incoming traffic on FastEthernet0/0.

Step 4: Verifying the Configuration

Check the ACL

R1#show access-lists
Standard IP access list 10
    10 permit 192.168.1.100
    20 deny   192.168.1.200
    30 permit any
R1#

Test connectivity

  • PC1 should be able to PING Router (R1)

PC1> ping 192.168.1.1

84 bytes from 192.168.1.1 icmp_seq=1 ttl=255 time=9.702 ms
84 bytes from 192.168.1.1 icmp_seq=2 ttl=255 time=9.840 ms
^C
PC1>

  • PC2 should NOT be able to PING Router1

PC2> ping 192.168.1.1

*192.168.1.1 icmp_seq=1 ttl=255 time=11.651 ms (ICMP type:3, code:13, Communication administratively prohibited)
*192.168.1.1 icmp_seq=2 ttl=255 time=5.817 ms (ICMP type:3, code:13, Communication administratively prohibited)
*192.168.1.1 icmp_seq=3 ttl=255 time=3.315 ms (ICMP type:3, code:13, Communication administratively prohibited)
^C
PC2>

Keywords

Standard ACL, Cisco ACL, Access Control List, Cisco Router, IP filtering, network security, CCNA, GNS3 simulation, ACL configuration, permit IP, deny IP, Cisco commands, access-list 10, router security, packet filtering, subnet ACL, IP access-group, inbound ACL, network filtering, ACL verification, سیسکو

Topology