how to configured twor routers cisco 1841 Extended ACL with steps as follows ip routing

 how to configured twor routers cisco 1841 Extended ACL  with steps as follows ip routing

Here is a simple step-by-step guide to configure two Cisco 1841 Integrated Services Router routers using Extended ACL with IP routing.

---

Network Example

Topology

PC1 ---- Router1 -------- Router2 ---- PC2
        Fa0/0  S0/0    S0/0  Fa0/0

---

IP Addressing Table

Device	Interface	IP Address	Subnet Mask
Router1	Fa0/0	192.168.1.1	255.255.255.0
Router1	S0/0	10.0.0.1	255.255.255.252
Router2	S0/0	10.0.0.2	255.255.255.252
Router2	Fa0/0	192.168.2.1	255.255.255.0
PC1	NIC	192.168.1.10	255.255.255.0
PC2	NIC	192.168.2.10	255.255.255.0

---

Step 1: Connect the Routers

Use:

• Console cable for configuration

• Serial DCE/DTE cable between routers

• Ethernet cable to PCs

---

Step 2: Configure Router1

Enter Configuration Mode

enable
configure terminal

Configure FastEthernet Interface

interface fastethernet0/0
ip address 192.168.1.1 255.255.255.0
no shutdown
exit

Configure Serial Interface

interface serial0/0/0
ip address 10.0.0.1 255.255.255.252
clock rate 64000
no shutdown
exit

Add Static Route

ip route 192.168.2.0 255.255.255.0 10.0.0.2

---

Step 3: Configure Router2

enable
configure terminal

Configure FastEthernet

interface fastethernet0/0
ip address 192.168.2.1 255.255.255.0
no shutdown
exit

Configure Serial Interface

interface serial0/0/0
ip address 10.0.0.2 255.255.255.252
no shutdown
exit

Add Static Route

ip route 192.168.1.0 255.255.255.0 10.0.0.1

---

Step 4: Configure Extended ACL

Example:
Block PC1 from accessing PC2 using ping.

Configure ACL on Router1

access-list 101 deny icmp host 192.168.1.10 host 192.168.2.10
access-list 101 permit ip any any

---

Step 5: Apply ACL to Interface

Apply ACL inbound on FastEthernet0/0.

interface fastethernet0/0
ip access-group 101 in
exit

---

Step 6: Save Configuration

On both routers:

copy running-config startup-config

---

Step 7: Verify Configuration

Check Interfaces

show ip interface brief

Check Routing Table

show ip route

Check ACL

show access-lists

---

Step 8: Test Connectivity

From PC1:

ping 192.168.2.10

Result:

• Ping blocked by Extended ACL

• Other traffic allowed

---

Important Extended ACL Notes

Extended ACL can filter:

• Source IP

• Destination IP

• Protocols

• Port numbers

Example syntax:

access-list 101 permit tcp any any eq 80

This allows HTTP traffic only.

---

Useful Commands

Command	Purpose
show running-config	View configuration
show ip route	View routes
show access-lists	View ACL rules
no access-list 101	Delete ACL

---

Example Complete Router1 Configuration

enable
configure terminal

interface fastethernet0/0
ip address 192.168.1.1 255.255.255.0
no shutdown

interface serial0/0/0
ip address 10.0.0.1 255.255.255.252
clock rate 64000
no shutdown

ip route 192.168.2.0 255.255.255.0 10.0.0.2

access-list 101 deny icmp host 192.168.1.10 host 192.168.2.10
access-list 101 permit ip any any

interface fastethernet0/0
ip access-group 101 in

end
copy running-config startup-config