Introduction
252
SmartWare Software Configuration Guide
24 • Access control list configuration
Introduction
This chapter provides an overview of IP Access Control Lists and describes the tasks involved in configuring
them.
This chapter includes the following sections:
•
About access control lists
•
Access control list configuration task list (see
page 254
)
•
Examples (see
page 264
)
About access control lists
This section briefly describes what access lists do, why and when you should configure access lists, and basic
versus advanced access lists.
What access lists do
Access lists filter network traffic by controlling whether routed packets are forwarded, dropped or blocked at
the router's interfaces. Your router examines each packet to determine whether to forward or drop the packet,
based on the criteria you specified within the access lists.
Access list criteria could be the source address of the traffic, the destination address of the traffic, the upper-
layer protocol, or other information.
Note
Sophisticated users can sometimes successfully evade or fool basic access lists
because no authentication is required.
Why you should configure access lists
There are many reasons to configure access lists. For example, you can use access lists to restrict contents of
routing updates, or to provide traffic flow control. But one of the most important reasons to configure access
lists is to provide security for your network, and this is the reason explored in this chapter.
You should use access lists to provide a basic level of security for accessing your network. If you do not configure
access lists on your router, all packets passing through the router could be allowed onto all parts of your network.