Please enable JavaScript.

Coggle requires JavaScript to display documents.

Public key Cryptographyc - Coggle Diagram

- - - - When configuring a complex ACL, it’s recommended to:
      - Use a text editor to outline the policy specifics.
      - Add the necessary IOS configuration commands.
      - Include remarks to document the ACL.
      - Copy and paste the commands onto the device.
      - Thoroughly test the ACL to ensure it applies the desired policy correctly.
- - - - After configuring an ACL, modifications may be necessary, especially if it contains multiple ACEs, as they can be complex and may not always produce the expected results. Therefore, some trial and error may be needed to achieve the desired filtering.
      - This section covers two methods for modifying an ACL:
      - Use a Text Editor: Edit the ACL in a text editor for easier management and troubleshooting.
      - Use Sequence Numbers: Sequence numbers allow specific ACEs to be modified, deleted, or added without rewriting the entire ACL.
- - - - Certain IP address classes should never appear as source IP addresses for traffic entering an organization’s network. For example, an internet-facing interface (e.g., S0/0/0) should block inbound packets from these addresses:
      - All zeros addresses
      - Broadcast addresses
      - Local host addresses (127.0.0.0/8)
      - APIPA addresses (169.254.0.0/16)
      - Private addresses (RFC 1918)
      - IP multicast addresses (224.0.0.0/4)