The Configure and verify IPv4 and IPv6 Access Lists for Traffic Filtering module provides you with the instructions and Cisco hardware to develop your hands on skills in creating and applying access lists to routed interfaces. This module includes exercises that will cover the following topics:
- Configuring standard and extended access lists for IPv4
- Configure named access-lists for IPv4
- Configuring and modifying IPv6 access-lists
Lab time: It will take approximately 1 hour to complete this lab.
The following exam objectives are covered in this lab:
- Apply secure design principles to network architecture (e.g., IP & non-IP protocols, segmentation)
- Secure network components
- Design and establish secure communication channels
- Prevent or mitigate network attacks
Exercise 1 - Configuring Standard and Extended Access Lists using IPv4
In this exercise, you will configure access control lists or ACLs to control traffic flows through the network.
Exercise 2 - Configuring Named Access Lists Using IPv4
In the previous exercise, you configured standard and extended numbered access lists. In this exercise, you will create the same access lists, but this time, they will be named.
Exercise 3 - Creating Access-Lists in IPv6
IPv6 access lists don’t come in standard and extended forms in the same way as IPv4 access lists do. When defining IPv6 access lists, you must define both source and destination addresses or networks. Also, IPv6 access lists must be defined using a name and not a number.
Other than these difference, the logic behind access lists in IPv6 is virtually identical to that of IPv4.
In this section, you will configure IPv6 access lists on the NYEDGE1 router.