Configure IP Standard ACL Example

Network Requirements

• PC1, PC2, and PC3 are connected to IP Network via Device.
• Configure the IP standard ACL rule, realizing that PC1 can access IP Network, PC2 and PC3 cannot access IP Network.

Network Topology

Figure 15–1 Networking of configuring IP standard ACL

Configuration Steps

Step 1: Configure the link type of VLAN and port on Device.

#Create VLAN.

#Configure the link type of port gigabitethernet0/1 as Access, permitting the services of VLAN2 to pass.

Step 2: Configure the corresponding VLAN interface and IP address on Device. (Omitted)

Step 3: Configure the IP standard ACL.

#Configure the IP standard ACL with serial number 1 on Device.

#Configure the rule, permitting PC1 to access IP Network.

#Configure the rule, preventing the network segment 131.44.2.0/24 from accessing IP Network.

#Submit the configured rule

#View the information of the ACL with serial number 1 on Device.

Device#show ip access-list 1
ip access-list standard 1 
 10 permit host 131.44.1.1 
 20 deny 131.44.2.0 0.0.0.255 

Step 4: Configure applying IP standard ACL.

#Apply the IP standard ACL with serial number 1 to the ingress of port gigabitethernet0/1 on Device.

#View the information of the ACL applied to the port on Device.

Device#show acl-object interface  
-----------Interface-----Bind-----Instance 	 
Interface----------------Direction----AclType	AclName 
gi0/1          IN     IP    1 
-----------Interface-----Bind-----Instance
Interface VlanId---------Direction----AclType	AclName 
Device#

Step 5: Check the result.

#PC1 can access IP Network; PC and PC3 cannot access IP Network.