Posts from ‘ACLs-NAT’
As you may have noticed, INE does a wide variety of training in the Cisco space. This blog post goes out to all those folks who have recently begun their Cisco training.
This month we delivered new live classes on CCNA and CCNP. We are excited for our students at every level and encourage them in their journey. In that light, we have gathered a collection of Video Answers, targeted at the CCNA level, with a few topics leaking into security and CCNP. These videos were primarily created as quick (under 10 minutes each) Video Answers to questions that various learners have had.
Take a look at the list of topics, and if there are 1 or 2 you feel you would benefit from, feel free to enjoy them.
Here are a few of the topics (in no particular order):
- How the network statement really works in IOS
- Setting up SSH
- Initial commands for sanity sake
- NAT with overload
- Router on a stick
- VRFs
One of the key facts about Access Control Lists (ACLs) that we drill into your head during CCNA is that every list you create ends with what is called the “implicit” deny all. You do not see it, but the effect is undeniable: any packet that does not match one of the permit statements in your list gets deny treatment. In the case of our filtering access lists, this means the packet is dropped. As you recall from the course, this is why we desperately require at least one permit entry in all of our filtering access control lists.
But what if we want to track what we actually drop as a result of this powerful implicit deny all effect? Well, a clever trick is to end the list with an explicit deny statement and log the result. In this post, we will examine this technique.
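The technique described above, sketched as an IOS configuration. This is an added example, not configuration from the original post; the ACL name, interface, and addresses (RFC 5737 documentation range) are constructed for illustration.

```cisco
! Constructed example: filter inbound traffic to a single server.
! ACL name, interface and addresses are hypothetical.
ip access-list extended INBOUND-FILTER
 permit tcp any host 192.0.2.10 eq 443
 permit tcp any host 192.0.2.10 eq 22
 ! Without the next line the implicit deny still drops everything else,
 ! but those drops produce no log message and no match counter.
 deny ip any any log
!
interface GigabitEthernet0/0
 ip access-group INBOUND-FILTER in
!
! Logged ACL matches are punted to the CPU, so throttle them:
! process at most one logged packet per 100 ms.
ip access-list logging interval 100
!
! Verify from exec mode (the explicit deny entry now shows its own
! match count, and drops appear in the log):
!   show access-lists INBOUND-FILTER
!   show logging
```

The explicit `deny ip any any log` must stay the last entry: any permit added after it is never reached, because the list is evaluated top-down and the first match wins.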