Standard ACLs can filter traffic based on source IP address only. In this task, you are configuring a standard ACL that blocks traffic from the 192.168.11.0 /24 network. This ACL will be applied inbound on the R3 serial interface. Remember that every ACL has an implicit “deny all” that causes all traffic that has not matched a statement in the ACL to be blocked. For this reason, add the permit any statement to the end of the ACL.
Step 1. Create the ACL.
In global configuration mode, create a standard named ACL called std-1.R3(config)#ip access-list standard std-1
In standard ACL configuration mode, add a statement that denies any packets with a source address of 192.168.11.0 /24 and prints a message to the console for each matched packet.
R3(config-std-nacl)#deny 192.168.11.0 0.0.0.255
Permit all other traffic.
R3(config-std-nacl)#permit any
Step 2. Apply the ACL.
Apply the ACL std-1 as a filter on packets entering R3 through serial interface 0/0/1.R3(config)#interface serial 0/0/1 R3(config-if)#ip access-group std-1 in