Online Security
eg: UK or Brides UK or Classical Art or Buy Music or Spirituality
 
eg: UK or Brides UK or Classical Art or Buy Music or Spirituality
 
Business & Money
Technology
Women
Health
Education
Family
Travel
Cars
Entertainment
SD Editorials
Online Guide and article directory site.
Foodeditorials.com
Over 15,000 recipes & editorials on food.
Lyricadvisor.com
Get 100,000 Lyric & Albums.
  • Business & Money
    • A Guide to Business
    • Guide to Finance
    • Ideas for Marketing
    • Legal Guide
    • Guide to Insurance
    • Lettre De Motivation
    • Guide to the Stock Market
    • Human Resource Career
    • Sales Marketing
    • Forex & Trading
    • Advertising & Marketing
    • Startup Guide
  • Technology
    • Guide to Technology
    • Cell Phones
    • Computer Software
    • IT Hardwares
    • Internet
    • Online Security
    • Cameras
    • Search Engine Optimization
    • Science & Technology
  • Women
    • Guide to Women
    • Relationship Advice
    • Marriage
    • Jewelry
    • Pregnancy
    • Fashion Style
    • Divorce Guide
    • Wedding Guide
    • Dating Guide
    • Natural Beauty
  • Health
    • Guide to Health
    • Guide to Medical
    • Plastic Surgery
    • Weight Loss
    • Sports
    • Body Wellness
    • Cancer Treatment
    • Common Illness
    • Health & Lifestyle
  • Education
    • Military Service
    • Politics and Policy
    • Arts & Humanities
    • Education and Teaching
    • Learn Languages
    • Colleges & Universities
  • Family
    • Quality Home Improvement
    • Hobbies and Interests
    • Family Guide to
    • Pet Guide
    • Loans Guide
    • Credit Cards
    • Gardening Guide
    • Home Security
    • Real Estate
    • Home Decor
    • Gift & Present
  • Travel
    • The Travel Guide
    • Adventure Travel
    • Cruise Ships
    • Beach Holiday
    • Travel Accommodation
    • Holiday Destinations
  • Cars
    • Information on Cars
    • Traffic Violations
    • Auto Insurance
    • Trailers
    • Sport Cars
    • The Bikes
  • Entertainment
    • Entertainment Guide
    • World Music
    • Photo & Video
    • Television & Games

Windows Access Control List
    View: 
ACLs can be used to filter traffic for various purposes including security, monitoring, route selection, and network address translation. ACLs are comprised of one or more Access Control Entries (ACEs). Each ACE is an individual line within an ACL.



ACLs on a Cisco ASA Security Appliance (or a PIX firewall running software version 7.x or later) are similar to those on a Cisco router, but not identical. Firewalls use real subnet masks instead of the inverted mask used on a router. ACLs on a firewall are always named instead of numbered and are assumed to be an extended list.

The syntax of an ACE is relatively straight-forward:

Ciscoasa(config)#access-list name [line number] [extended] {permit | deny} protocol source_IP_address source_netmask [operator source_port] destination_IP_address destination_netmask [operator destination_port] [log [[disable | default] | [level]] [interval seconds]] [time-range name] [inactive]

Here's an example:

asa(config)# access-list demo1 permit tcp 10.1.0.0 255.255.255.0 any eq www

asa(config)# access-list demo1 permit tcp 10.1.0.0 255.255.255.0 any eq 443

asa(config)# show access-list demo1

access-list demo1; 2 elements

access-list demo1 line 1 extended permit tcp 10.1.0.0 255.255.255.0 any eq www

access-list demo1 line 2 extended permit tcp 10.1.0.0 255.255.255.0 any eq https

In the above example, an ACL called "demo1" is created in which the first ACE permits TCP traffic originating on the 10.1.0.0 subnet to go to any destination IP address with the destination port of 80 (www). In the second ACE, the same traffic flow is permitted for destination port 443. Notice in the output of the show access-list that line numbers are displayed and the extended parameter is also included, even though neither was included in the configuration statements.

You can deactivate an ACE without deleting it by appending the inactive option to the end of the line.

As with Cisco routers, there is an implicit "deny any" at the end of every ACL. Any traffic that is not explicitly permitted is implicitly denied.

**Editing ACLs and ACEs**

New ACEs are appended to the end of the ACL. If you want, however, to insert the new ACE at a particular location within the ACL, you can add the line number parameter to the ACE:

asa04(config)# access-list demo1 line 1 deny tcp host 10.1.0.2 any eq www

asa04(config)# show access-list demo1

access-list demo1; 3 elements

access-list demo1 line 1 extended deny tcp host 10.1.0.2 any eq www

access-list demo1 line 2 extended permit tcp 10.1.0.0 255.255.255.0 any eq www

access-list demo1 line 3 extended permit tcp 10.1.0.0 255.255.255.0 any eq https

Notice in the first line of the example above that an ACE is added at line one in the ACL. Notice in the output from the show access-list demo1 command that the new entry is added in the first position in the ACL and the former first entry becomes line number two.

You can remove an ACE from an ACL by preceding the ACE configuration statement with the modifier no, as in the following example:

Asa04(config)#no access-list demo1 deny tcp host 10.10.2 any eq www

In my next article, I'll show you how to use time-ranges to apply access-control lists only at certain times and/or on certain days. I'll also show you how to use object-groups with access-control lists to simplify ACL management by grouping similar components such as IP addresses or protocols together.

Copyright (c) 2008 Don R. Crawley
More Articles from
Internet Security Firewall
Anti Virus And Firewall Software
Anti Virus Software Spyware
Antivirus And Firewall Protection
Antivirus And Firewall Software
Barracuda Networks Spam Firewall
Clinical Nurse Specialist Certification
Connecting To Home Computer
Firewalls And Internet Security
Firewalls And Proxy Servers
Free Antivirus Firewall Software
Get Rid Of Spam Email
Great Balls Of Fire Soundtrack
Guide To Firewalls And Network Security
Hot Shots The Movie
How To Bypass Firewall
How To Bypass School
How To Home Networking
How To Protect Computer From Hackers
How To Stop Hacker
How To Use Firewall
» More on
Internet Security Firewall
  • Related Articles
  • Author
  • Most Popular
•Access Control And Security, by Jimi Khan
•Access Control Security System, by Dave Poon
•Access Control System Installation, by Daniel Owen
•Biometric Access Control Systems, by James Marriot
•Card Access Control Systems, by Sher Matsen
Don R. Crawley has sinced written about articles on various topics from Computers and The Internet, Personal Desktop and Computers and The Internet. Don R. Crawley, CCNA-certified, is president and chief technologist at , the Seattle training firm specializing in business skills and technical traini. Don R. Crawley's top article generates over 4400 views. to your Favourites.
A Thousand Times No
Love is real, believe it, it can happen to you. My persistence and hard work have been rewarded one thousand times over, good luck to you all, wish you the very best of luck in your search
 
A Guide to Business | Guide to Technology | Guide to Women | Guide to Health | Family Guide to | Travel & Vacations | Information on Cars

EditorialToday Online Security has 1 sub sections. Such as Online Security Threats. With over 20,000 authors and writers, we are a well known online resource and editorial services site in United Kingdom, Canada & America . Here, we cover all the major topics from self help guide to A Guide to Business, Guide to Finance, Ideas for Marketing, Legal Guide, Lettre De Motivation, Guide to Insurance, Guide to Health, Guide to Medical, Military Service, Guide to Women, Pet Guide, Politics and Policy , Guide to Technology, The Travel Guide, Information on Cars, Entertainment Guide, Family Guide to, Hobbies and Interests, Quality Home Improvement, Arts & Humanities and many more.
About Editorial Today | Contact Us | Terms of Use | Submit an Article | Our Authors