is the same as described for an interface. However, applying the ACL to a terminal line requires the access-class command instead of the access-group command. The following should be considered when configuring access lists on vty lines:

• When controlling access to an interface, a name or number can be used.
• Only numbered access lists can be applied to virtual lines.
• Set identical restrictions on all the virtual terminal lines, because a user can attempt to connect to any of them.

Lab Activity e-Lab Activity: Access Control Lists In this lab, the students will practice using ACLs to filter IP traffic. Web Links Strategies & Issues: Ports of Entry - Routers in the Crosshairs http://www.networkmagazine.com/shared/article/
showArticle.jhtml?articleId=8703354&classroom=

---

Content Summary An understanding of the following key points should have been achieved:

• ACLs perform several functions within a router, including implementing security/access procedures.
• ACLs are used to control and manage traffic.
• For some protocols, two ACLs can be applied to an interface: one inbound ACL and one outbound ACL.
• With ACLs, after a packet is matched to an ACL statement, it can be denied or permitted access to the router.
• Wildcard mask bits use the number one (1) and the number zero (0) to identify how to treat the corresponding IP address bits.
• Access list creation and application is verified through the use of various IOS show commands.
• The two main types of ACLs are standard and extended.
• Named ACLs allow for the use of a name to identify the access list instead of a number.
• ACLs can be configured for all routed network protocols.
• ACLs are placed where they allow the most efficient control.
• ACLs are typically used in firewall routers.
• Access lists can also restrict virtual terminal access to the router.