Standard Named ACL Configuration in Packet Tracer

Access Control Lists (ACLs) are a fundamental part of network security. They serve as a tool to control traffic flow within a network, permitting or denying access based on defined rules.

In Cisco Packet Tracer, ACLs come in two forms: Standard ACLs and Extended ACLs. Standard ACLs are further divided into standard named ACLs and standard numbered ACLs. In this blog post, we’ll delve into Standard Named ACL Configuration.

Numbered ACLs: The Other Form of Standard ACLs

Before we dive into standard named ACLs, it’s essential to understand that numbered ACLs are the second form of standard ACLs.

This post is part of our series on ACL configuration. You can check the others below.

So, let’s start by creating a network topology that we’ll use for this demonstration.

Network Topology

In our network, we’ll have two routers, each with one subnet. To keep things simple, we connected two PCs to each of the switches attached to the routers.

Standard named ACL network topology

Here are the IP addresses that we used for this demonstration.

| Device | Default Gateway | Interface (IP address) | Interface (IP address) | Subnet Mask |
|---|---|---|---|---|
| Router 1 (R1) | __ | G0/0/1 (192.168.1.1) | G0/0/0 (192.168.2.1) | 255.255.255.0 |
| Router 2 (R2) | __ | G0/0/1 (192.168.3.1) | G0/0/0 (192.168.2.2) | 255.255.255.0 |
| PC0 | 192.168.3.1 | fa/0 (192.168.3.2) | __ | 255.255.255.0 |
| PC1 | 192.168.3.1 | fa/0 (192.168.3.3) | __ | 255.255.255.0 |
| PC2 | 192.168.1.1 | fa/0 (192.168.1.2) | __ | 255.255.255.0 |
| PC3 | 192.168.1.1 | fa/0 (192.168.1.3) | __ | 255.255.255.0 |

To keep things precise, we have configured the network according to the IP addresses shown in the table above. We have also completed the static route configuration so that all the PCs can reach each other. We have shown how to do this in another post: static route configuration.

Standard Named ACL Configuration

Now that we have configured the interface IP addresses and the static routes, we can proceed to implement the standard named ACL configuration.

Configuration Objectives:

The objective of this configuration is to:

  1. Configure a Standard Named ACL on Router 1 (R1) to deny traffic from PC0 (192.168.3.2) to the network (192.168.1.0/24) while permitting all other traffic.
  2. Configure a Standard Named ACL on Router 2 (R2) to deny traffic from PC2 to the network (192.168.3.0/24) while permitting all other traffic.

Configuration Steps:

To achieve the above objectives using standard named ACLs, we need to take the following steps:

Step 1: Configure a Standard Named ACL on Router 1 (R1):

R1(config)# ip access-list standard FILTER_ACL
R1(config-std-nacl)#deny 192.168.3.2
R1(config-std-nacl)#permit any

In the above ACL configuration:

  • The first line creates a standard ACL named FILTER_ACL.
  • The second line denies traffic from 192.168.3.2.
  • The third line permits all other IP traffic.

Step 2: Apply the ACL to the Interface on Router 1 (R1):

R1(config-std-nacl)#int g0/0/1
R1(config-if)#ip access-group FILTER_ACL out
R1(config-if)#do write

This configuration applies the ACL to traffic going out of the interface (G0/0/1).

Step 3: Configure the Standard Named ACL on Router 2 (R2):

R2(config)#ip access-list standard FILTER_ACL2
R2(config-std-nacl)#deny 192.168.1.2 
R2(config-std-nacl)#permit any
R2(config-std-nacl)#int g0/0/1
R2(config-if)#ip access-group FILTER_ACL2 out
R2(config-if)#do write

In the above ACL configuration:

  • The first line creates a standard ACL named FILTER_ACL2.
  • The second line denies all forms of traffic from 192.168.1.2 (PC2).
  • The third line permits all other IP traffic.
  • The fourth line enters the interface g0/0/1.
  • The fifth line applies the ACL to traffic going out of that interface.

Step 4: Test the configuration

To test the ACL configuration that we have implemented, I pinged from PC0 and PC1 to each of PC2 and PC3, and the pings from PC1 succeeded while the pings from PC0 failed. This shows that we have achieved our first objective.

an image showing ping from pc1 to pc 3

Also, I pinged from PC2 and PC3 to the two hosts on the network, 192.168.3.0/24, and all the pings failed. This shows that we have achieved our second objective.

an image showing ping from pc2 to pc0
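
The following Python model is an added example, not part of the original post: it evaluates FILTER_ACL and FILTER_ACL2 the way a standard ACL works (first match wins, source address only, implicit deny at the end) and treats a ping as successful only when both the echo request and the echo reply pass the outbound ACL facing their destination. The dictionary and function names are this example's own, and it models traffic between the two PC subnets only.

```python
import ipaddress

# Named ACLs from the steps above: ordered (action, source) entries, first match wins.
ACLS = {
    "FILTER_ACL":  [("deny", "192.168.3.2/32"), ("permit", "0.0.0.0/0")],
    "FILTER_ACL2": [("deny", "192.168.1.2/32"), ("permit", "0.0.0.0/0")],
}
# Outbound bindings: the router LAN interface that faces each PC subnet.
OUTBOUND = {
    "192.168.1.0/24": "FILTER_ACL",   # R1 g0/0/1: ip access-group FILTER_ACL out
    "192.168.3.0/24": "FILTER_ACL2",  # R2 g0/0/1: ip access-group FILTER_ACL2 out
}
HOSTS = {"PC0": "192.168.3.2", "PC1": "192.168.3.3",
         "PC2": "192.168.1.2", "PC3": "192.168.1.3"}


def acl_permits(acl_name, src):
    """Standard ACL check: only the packet's source address is compared."""
    for action, network in ACLS[acl_name]:
        if ipaddress.ip_address(src) in ipaddress.ip_network(network):
            return action == "permit"
    return False  # implicit "deny any" that ends every ACL


def delivered(src, dst):
    """One direction: the packet must pass the ACL on the interface it exits toward dst."""
    for subnet, acl_name in OUTBOUND.items():
        if ipaddress.ip_address(dst) in ipaddress.ip_network(subnet):
            return acl_permits(acl_name, src)
    return True  # no ACL bound on the way to this destination


def ping_succeeds(a, b):
    """A ping needs the echo request (a -> b) and the echo reply (b -> a) to get through."""
    return delivered(HOSTS[a], HOSTS[b]) and delivered(HOSTS[b], HOSTS[a])


def ping_matrix():
    """Result for every ordered pair of PCs that sit on different subnets."""
    return {(a, b): ping_succeeds(a, b) for a in HOSTS for b in HOSTS
            if HOSTS[a].rsplit(".", 1)[0] != HOSTS[b].rsplit(".", 1)[0]}


if __name__ == "__main__":
    for (a, b), ok in ping_matrix().items():
        print(f"{a} -> {b}: {'reply' if ok else 'no reply'}")
```

Because a standard ACL looks only at the source address, a denied host also loses replies to pings that other hosts send to it, which the model shows for the PC1 to PC2 and PC3 to PC0 pairs.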

Related Posts:

  1. Standard Numbered ACL Configuration in Packet Tracer
  2. Extended Numbered ACL Configuration in Packet Tracer
  3. Extended Named ACL Configuration in Packet Tracer

 
