ENSA Module 5: ACLs for IPv4 Configuration Quiz

Configuring ACLs

• When configuring a complex ACL, the suggested approach is to start with a simple ACL and gradually add more rules to it.

Sequence Numbers

• Sequence numbers are used when editing existing standard IPv4 ACLs to insert, delete, or modify a rule in the ACL.

Securing VTY Access

• When creating an ACL to secure VTY access, it should include rules that restrict access to the VTY lines.

Extended IPv4 ACLs

• Configuring extended IPv4 ACLs allows for filtering based on source and destination IP addresses, ports, and protocols.

Creating ACLs

• The recommended approach when creating an ACL is to start with a simple ACL and gradually add more rules to it.

Including Remarks

• Remarks should be included when creating an ACL to provide documentation and clarity for the ACL.

Numbered Standard IPv4 ACLs

• The number range for creating a numbered standard IPv4 ACL is 1-99.
• The command used to create a named standard IPv4 ACL is ip access-list standard.
• The source-wildcard in a numbered standard IPv4 ACL specifies the source IP address and wildcard mask.

Linking ACLs to Interfaces or Features

• A numbered or named standard IPv4 ACL is linked to an interface or feature using the ip access-group command.

Deleting ACLs

• The no access-list access-list-number global configuration command deletes an ACL.
• To remove an ACL from an interface, the ACL should be deleted from the running configuration first.

ACL Terms

• In the context of ACLs, the term 'deny' signifies blocking or rejecting traffic.

Named Standard IPv4 ACLs

• Capitalizing ACL names when creating a named standard IPv4 ACL is important for clarity and readability.

ip access-group Command

• The ip access-group command is used to link an ACL to an interface or feature.

Verifying ACLs

• The show ip interface command verifies whether an ACL is applied to an interface.