Standard ACL Configuration

image1

Note Routig protocol should be configured on router
CHE>enable
CHE#config t
CHE(config)#access-list 10 deny 192.168.1.1 0.0.0.0
CHE(config)#access-list 10 deny 192.168.1.2 0.0.0.0
CHE(config)#access-list 10 permit any
CHE(config)#interface 0/0 (or) int e0
CHE(config-if)#ip access-group 10 out
CHE(config-if)#exit
CHE(config)#exit
CHE#show access-list 10
CHE#show RUN

image2

CHE>enable
CHE#config t
CHE(config)#access-list 20 deny 192.168.1.1 0.0.0.0
CHE(config)#access-list 20 deny 192.168.1.2 0.0.0.0
CHE(config)#access-list 20 permit any
CHE(config)#interface 0/0 (or) int e0
CHE(config-if)#ip access-group 20 out
CHE(config-if)#exit
CHE(config)#exit
CHE#show access-list 20
CHE#ping 192.168.1.1
CHE#ping 192.168.3.1

image3

CHE>enable
CHE#config t
CHE(config)#access-list 102 deny tcp 192.168.2.0 0.0.0.255 192.168.1.100 0.0.0.0 eq 23
CHE(config)#access-list 102 deny tcp 192.168.2.0 0.0.0.255 10.0.0.1 0.0.0.0 eq 23
CHE(config)#access-list 102 permit ip any any

CHE(config)#interface 0/0 (or) int e0
CHE(config-if)#ip access-group 102 in
CHE(config-if)#exit
CHE(config)#exit
CHE#telnet 192.168.1.100

image4

CHE>enable
CHE#config t
CHE(config)#access-list 110 deny ip 192.168.2.0 0.0.0.255 192.168.1.0 0.0.0.255
CHE(config)#access-list 110 permit ip any any

CHE(config)#interface 0/0 (or) int e0
CHE(config-if)#ip access-group 110 in
CHE(config-if)#exit
CHE(config)#exit
CHE#ping 192.168.1.100

image5

CHE>enable
CHE#config t
CHE(config)#access-list 100 deny icmp 192.168.2.0 0.0.0.255 192.168.1.100 0.0.0.0 echo
CHE(config)#access-list 100 deny icmp 192.168.2.0 0.0.0.255 10.0.0.1 0.0.0.0 echo
CHE(config)#access-list 100 permit ip any any

CHE(config)#interface 0/0 (or) int e0
CHE(config-if)#ip access-group 100 in
CHE(config-if)#exit
CHE(config)#exit
CHE#ping 192.168.1.100