CCENT/CCNA ICND1 100-101 Official Cert Guide

Matching the Protocol, Source IP, and Destination IP

Like standard numbered IP ACLs, extended numbered IP ACLs also use the access-list global command. The syntax is identical, at least up through the permit or deny keyword. At that point, the command lists matching parameters, and those differ, of course. In particular, the extended ACL access-list command requires three matching parameters: the IP protocol type, the source IP address, and the destination IP address.

The IP header’s Protocol field identifies the header that follows the IP header. Figure 23-2 shows the location of the IP Protocol field, the concept of it pointing to the type of header that follows, along with some details of the IP header for reference.

Figure 23-2 IP Header, ...

Get CCENT/CCNA ICND1 100-101 Official Cert Guide now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

CCENT/CCNA ICND1 100-101 Official Cert Guide by

Matching the Protocol, Source IP, and Destination IP

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly