Configure and Verify IPv4 and IPv6 Access Lists for Traffic Filtering

Introduction

The Configure and verify IPv4 and IPv6 Access Lists for Traffic Filtering module provides you with the instructions and Cisco hardware to develop your hands on skills in creating and applying access lists to routed interfaces. This module includes exercises that will cover the following topics:

• Configuring standard and extended access lists for IPv4
• Configure named access-lists for IPv4
• Configuring and modifying IPv6 access-lists

Lab time: It will take approximately 1 hour to complete this lab.

Exam Objectives

The following exam objectives are covered in this lab:

• Apply secure design principles to network architecture (e.g., IP & non-IP protocols, segmentation)
• Secure network components
• Design and establish secure communication channels
• Prevent or mitigate network attacks

Exercise 1 - Configuring Standard and Extended Access Lists using IPv4

In this exercise, you will configure access control lists or ACLs to control traffic flows through the network.

Exercise 2 - Configuring Named Access Lists Using IPv4

In the previous exercise, you configured standard and extended numbered access lists. In this exercise, you will create the same access lists, but this time, they will be named.

Exercise 3 - Creating Access-Lists in IPv6

IPv6 access lists don’t come in standard and extended forms in the same way as IPv4 access lists do. When defining IPv6 access lists, you must define both source and destination addresses or networks. Also, IPv6 access lists must be defined using a name and not a number.

Other than these difference, the logic behind access lists in IPv6 is virtually identical to that of IPv4.

In this section, you will configure IPv6 access lists on the NYEDGE1 router.