They are often used for wire-speed encryption in data networks.
They are based on complex mathematical operations and can easily be accelerated by hardware.
They offer simple key management properties.
They are best used for one-time encryption needs.

access-list 101 permit tcp any eq 3030
access-list 101 permit ip host 10.1.129.100 eq 3030 host 192.168.1.100 eq 80
access-list 101 permit tcp 192.168.1.10 0.0.0.0 eq 80 10.1.0.0 0.0.255.255
access-list 101 permit tcp host 192.168.1.10 eq 80 10.1.0.0 0.0.255.255 eq 3030
access-list 101 permit tcp 10.1.128.0 0.0.1.255 eq 3030 192.168.1.0 0.0.0.15 eq www
access-list 101 permit tcp 10.1.129.0 0.0.0.255 eq www 192.168.1.10 0.0.0.0 eq www

Only one ACL per protocol, per direction, and per interface is allowed.
Apply the ACL to the interface prior to configuring access control entries to ensure that controls are applied immediately upon configuration.
An "implicit deny" is applied to the start of the ACL entry by default.
ACLs filter all traffic through and sourced from the router.