119 - 238 CCNA 2: Routers and Routing Basics v3.1 Instructor Guide – Module 11
Copyright
©
2004, Cisco Systems, Inc.
Module 11: Access Control List (ACLs)
Overview
When teaching Module 11, emphasize the importance of access control lists (ACLs). Network
administrators must establish a way to deny unwanted access to a network and allow internal
users to access necessary services. Security tools such as passwords, callback equipment,
and physical security devices are helpful. However, they often lack the flexibility of basic traffic
filtering and the controls most administrators prefer. ACLs will be used for many aspects of
networking. These include security, dial on demand routing, and all types of route filtering
techniques. Quality of Service routers provide basic traffic filtering capabilities such as the use
of ACLs to block Internet traffic. An ACL is a sequential list of permit or deny statements that
apply to addresses or upper-layer protocols.
Module Caution:
It may be difficult for students to understand the concept of ACLs. This topic
will require additional time for students to understand. Work through numerous examples.
Have students finish the hands-on labs and e-Labs. Consider spending less time on Modules
1, 5, 8, and 10 to make sure ACLs are properly learned.
Students who complete this module should be able to perform the following tasks:
•
Describe the differences between standard and extended ACLs
•
Explain the rules for placement of ACLs
•
Create and apply named ACLs
•
Describe the function of firewalls
•
Use ACLs to restrict virtual terminal access
11.1 Access Control List Fundamentals
Essential Labs:
None
Optional Labs:
None
Core TIs:
All
Optional TIs:
none
Course-Level Claim:
Students can identify the application of packet control with various
access control lists.
Certification-Level Claim:
Students can implement access lists, develop an access list to
meet user specifications, and evaluate rules for packet control.
Hands-on skills:
none