#####   ######  #####    ###    #   #  ###  #   #  ######
##  ##  ##      ##  ##  ## ##   #   #   #   #   #  ##
#####   ####    #####   #   #   #   #   #   #   #  ####
##  #   ##      ##      ## ##    # #    #    # #   ##
##   #  ######  ##       ###      #    ###    #    ######

$ curl repovive.com/roadmaps/network-design/acls-and-firewalls/extended-acls

░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░░████████████████████████████████████████████████████████████████████████████

#####   ######  #####    ###    #   #  ###  #   #  ######
##  ##  ##      ##  ##  ## ##   #   #   #   #   #  ##
#####   ####    #####   #   #   #   #   #   #   #  ####
##  #   ##      ##      ## ##    # #    #    # #   ##
##   #  ######  ##       ###      #    ###    #    ######

$ curl repovive.com/roadmaps/network-design/acls-and-firewalls/extended-acls

Repovive

Extended ACLs - ACLs and Firewalls | Network Design | Repovive

Repovive.

Network Design26 sections · 911 units44h total

Open in Course

Extended ACLs

Multi-field filtering

Extended ACLs let you filter on source IP, destination IP, protocol, and port numbers. They're numbered $100$ - $199$ or $2000$ - $2699$ . This gives you fine-grained control over exactly which traffic to permit or deny.

Example:

access-list 101 permit tcp 192.168.1.0 0.0.0.255 any eq 80
access-list 101 deny ip any any

This permits HTTP traffic (port $80$ ) from the $192.168.1.0/24$ subnet to any destination. All other traffic is denied.