Standard Access Control Lists (ACLs) | Cisco CCNA 200-301
ฝัง
- เผยแพร่เมื่อ 4 ก.พ. 2020
- Free TH-cam Playlists from Keith:
Master Playlist for Cisco CCNA 200-301 ogit.online/sloth
Cisco CCNA 200-301 Security ogit.online/200-301_Security
Cisco CCNA 200-301 IPv4 Subnetting ogit.online/subnet
And…
Keith’s Content at CBT Nuggets ogit.online/Keith-CBT
I know you might never see this as they're a lot of comments here already, but I just want you to know that you're an amazing teacher! Everything I have ever struggled to understand, I come back and watch your videos and you just break it down so easily and fun to learn, thank you.
Thank you Anderson Fx!
Awesome job 🙏 thanks for your help I understood ACL properly now. you are a great teacher. I love how you explain everything short and sweet. Keep it up
Keith, I love this playlist. I learn on CBT Nuggets and then review on youtube. It's working out so far.
Thank you Sean Flynn! I appreciate your business and your participation. Let me know if I can help. I can be reached with a DM on my Discord server (links in the TH-cam videos.)
Keith, I really love your videos. You have a great way of making it seem simple. In all honesty i am telling you that I watch other videos , and my CCNA online trainer ...in my own language...and YOU still make more sense.
Thank you Ionel ARGESANU!
For some reason i didn't try to know why there are two types of ACLs, and here it is 14:35 simply explained, thank you.
Thank you Keith!
Hi Keith, Im Kavin from Sri Lanka. Accidentally i found your videos. im So excited. Now im following the CCNA Certification. Your videos helps me a lot. Thank you and keep this up.
Happy to do it, thanks for the feedback Kavindu Githsara Kiriarachchi.
Thank you Keith. I really enjoye watching your videos. They are easy to understand and you really enjoyed teaching us.
You are very welcome
Wow... Simply wow. Thank you.
Thank you too!
no better teacher ever! hands down the OG of IT! You rock Keith Barker, you'll never know the extent of your impact. Thank you! for all the energy, passion, time and care you put into this...
Thank you Converge World!
Such an awesome teacher. You always have a way of getting me to remember these methodical details. All with a chuckle.
Happy to help!
@@KeithBarker hi I am sorry that I am writing it here. The 5th of December the assessment quiz you organized it was ok for me. My question is the real ccna questions hardness would be like this....
Thanks in advance. And also the quiz was not uploaded yet. Please upload 🙏
Ty Keith as always a great explanation in simple terms.
Thank you Eddie Martinez!
Love these videos...I'm going to go through all of them and do the hands on
Please do!
you are the best teacher in the world.
Thank you!
Keith this was absolutely great! i was at work during the time of the live stream and didn't have the bandwidth to join the stream. I look forward the extended ACL's and hopefully i should be off the clock when u go live for that one. As always, a delight learning from you :D
Awesome thank you!
dude ur the best
Thank you David Alcantara!
Helpful thanks
Thank you Ashish .
Hi Keith, great ACL discussion. I've been struggling to follow your live stream though, my bad. Hope we can use the Community section for the upcoming topics/schedule or if you have any announcement or feedbacks from the community as to what could be the next topic to discuss we can vote on it there prior to your next live stream.
And oh, love the new theme! 👍
Thank you Vanray! I am adding all the recorded streams to a master playlist, here: ogit.online/sloth
That way, you can take them in order, and catch up on any of the streams that you missed.
Appreciate the feedback on the new theme. Still working on getting better. Cheers.
Great
I just come here to see the t-shirts.
Thank you Michael Kermit Powell!
"we accidentally .... *maniacal laugh*" best part haha
Thank you Jacob. Have a great week.
“I got your packet and I killed it” that line got me
Thank you silvio mhula
I can't sleep. 1AM on the morning.... ho my God. I'm dreaming about etherchannel and fiber 40g at this moment ...
Thank you Hugues, I know that feeling. Happens quite a bit when I am knee deep in a technology.
Hi Mr Keith,
Thank you for the great video. I was wondering if you have a video on Extended ACLs. :)
Not yet!
Hi Keith, nice video! I Have a question, are ACL the statefull or stateless? I they are stateless, why when I to configure a ALC I just to configure it in one direction, not in both? For example in my labs, if I want to allow a traffic, I just applie that ACL in inbound or outbound interface and just that, the communication is working. thanks, your videos are amazing!
Thank you for the question Cassio Navarro. In the way implemented in this video, yes they are stateless. They don't remember any session information or hold "state" regarding any traffic flowing over the interfaces with the ACLs.
Keith if you do video on extented acl . Can you explain with simple words(and examples) why we want to deny our local traffic on AZ (location ) on R1 to exit to the internet or to Nevada or Florida (with standard acl). WIth extended acl i think i undarstand why (we want to block some users in AZ to use spefic ports (and layer 4 protocols) to contact a server outside R1 ? ) (correct me if am wrong). Thank you for your time and effort for doing this video you are AMAZING (i wish i could meet you in person :D)
Kwstas, thank you for your input! That is definitely in my queue. Stay tuned, and thanks for the suggestion.
@KeithBarker Will an empty ACL permit all traffic by default if it is applied?
Will an implicit deny condition work with empty ACL?
Would an implicit (default last deny) condition work only if ACL has at least one user defined condition?
HI! at 57:59 you wrap up talking about adjacencies, I thought if on a broadcast network, a state stays 2-way until it needs to be DR or BDR? Only if it is DR or BRD it goes to full? Just curious! Thank you!
Thank you for the question HYDRA. If there is a network segment, all OSPF routers will form full adjacencies with the DR and BDR. With many routers on a segment, routers who are NOT the DR or BDR are known as DROTHERs, and those devices will NOT form a full adjacency with other DROTHERs on that same segment. Let me know if that helps, and thank again for the question.
@@KeithBarker Thank you!! Great answer! Wow your videos are helpful! If only I found them earlier!
Do you have anything on ACLs with object groups like network and service groups. Like how to refactor 80 ACL's around 1500 lines to less complex more maintainable?
Thank you Joseph Jozwik. Feel free to join my Discord sever. Lots of people there helping each other out. Each Saturday at 10am Pacific I hold my "Office Hour" where learners can ask questions about the topics they are studying. Mostly focusing on Cisco CCNA 200-301 topics. Feel free to join us there live if you are available. Here is the link ogit.online/Join_OGIT_on_Discord
Thanks again Joseph Jozwik!
Mr. Keith
i love your content but i have a video recommendation, could you please make a video on extended access lists ?
and thank you very much for sharing your knowledge.
Great suggestion!
@@KeithBarker Please do one soon on extended ACL! I'm on volume 2 chapter 3..Thanks!
Hi Keith, just curious if you've had time to make one on extended ACLs? I am about to try my 3rd attempt at the CCNA and found I was terrible at troubleshooting what was wrong with an Extended ACL. I know what they are and the basics, but not well enough to see what is wrong with one! Thanks!
Hey Keith.....Can you make a downloadable ACL PT Lab on your website? I really love following along with you, and find it really helpful!! Thanks man much love!
Thank you for the suggestion!
So the broken OSPF was caused by the router ID not being equivalent to the source IP? Whereas if your Nbr IPs were defined by loopbacks they would have not matched the deny? Is this why in more complex topologies you seem to favour loopback address creation instead of specifying a router ID?
For OSPF the router ID doesn't need to match any source IP address. Loopback driven or hardcoded Router-IDs make it easier to identify routers in the output of show commands.
Hi Keith, great content as always. I know this video is about ACLs and you touched a lil bit on ospf.
My question is this regarding the #show ip ospf neighbor command output, how do you know which neighbor is the DR and BDR when the output lists multiple router I.Ds 2 of them the neighbor state is FULL/DR and the other 2 are FULL/BDR. It's all a bit confusing. Looking forward to your response.
Thank you for the question Bob.
It helps (me anyway) to draw it out on paper.
Each interface is a different network segment.
Each network segment (on Ethernet) will have a DR and BDR (if there are at least 2 routers) and a DROTHER (if there are 3 or more).
So, a router with 10 interfaces could show up to 10 DRs as neighbors, each one on a different network/interface.
Let me know if that helps.
I looked everywhere on directions for applying access lists and nobody actualy siad anything on how to determine direction or if there is any trick to figure it out. That's the only part about access lists i don't understand. can i use source and destination ip to determine whether i apply acl inbound or outbound so if you can find some time to help me understand i'd apreciate it. Is there any method to determine direction of access lists please tell me.
Thank you Nino Heđi! Check out my latest edited quiz, which was on ACLs. I have some tutoring that goes on in-between questions. If you still have questions, join my for my live office hour, each Sat at 10am on my Discord server, and I would be happy to elaborate.
Here is the link ogit.online/Join_OGIT_on_Discord
Thanks again Nino Heđi!
Hi Keith, sorry for asking, but what is the name of that "intro-song"? Greetings from Switzerland!
Thank you for the question Francisco Deighton. Malena Stark, A little bit of faith. th-cam.com/video/gffj7mZloUc/w-d-xo.html
@@KeithBarker Thank you so much! Very nice song with good lyrics. Good choice!
access-list Vs ip access-list
what is the difference?
Hi, I can't find a line for extended ACL . Could you please help me find it?
dalar mekerdichi thanks for your input! That is definitely in my queue. Stay tuned, and thanks for the suggestion.
@@KeithBarker thank you very much you are the best.
What the title of the song?
Sir I don't understand why acl deny 10.16.2.1 and 10.16.1.1 plz tell
Thank you prashant more. Feel free to join my Discord sever. Lots of people there helping each other out. Each Saturday at 10am Pacific I hold my "Office Hour" where learners can ask questions about the topics they are studying. Mostly focusing on Cisco CCNA 200-301 topics. Feel free to join us there live if you are available. Here is the link ogit.online/Join_OGIT_on_Discord
Thanks again prashant more!
Hi Mr Barker please increase the volume level of sound.
Thank you for the feedback Samy.
Keith, please share the Playlist name ...
Thank you shaik Ameen.
CCNA Playlist th-cam.com/play/PLQQoSBmrXmrysEaVNia7KVwf85qATIi1V.html
Subnet Saturday Playlist th-cam.com/play/PLQQoSBmrXmry0OIbA7DpjLMXLLYK0NV8z.html
Quiz Playlist th-cam.com/play/PLQQoSBmrXmrwZD-0fZVMieVRjI4k-fowj.html
permit/deny any any Vs permit/deny any
What is the difference
I would have liked there to be more structure on ACEs. While you did use the word 'entry' twice, jargon and definitions are important. how many ACEs can go into a single ACL (128), Most importantly the :1 ACL per interface, per direction wasn't mentioned at all here . looking at your other 60 videos in play list based of title: Extended ACL(or any ACL) never come up again . The biggest take away from this video was unrelated, when you mentioned GRE and IPSEC as layer 4 protocols. Netacad does not alwasy give "big picture" nuggets like that. Extended ACL were completely left out, and seeing an example of a numbered ACL would have been nice too.
Thank you for the feedback!
Please do better sound, thank you
Thank you Aslan, I will work on that.
The beginning waiting time does not make much sense. Use the time to expand the video.
Bro, your intro music is so cheesy😂
I love it