When working with Cisco routers, there are two types of ACLs commonly used; standard and
Standard ACLs can be used to permit or deny traffic based only on the source IP
address. Standard ACLs don't care about where the package is being sent, just the
packet origin. Standard ACLs should be placed as close to the destination as possible.
An extended ACL can be used to permit or deny traffic based on source and
destination IP address. Extended ACLs are also used to permit or deny traffic based
on port numbers and different types of traffic such as TCP and UDP.
Newer routers process ACLs differently. For example, when you remove an access list
statement, only that statement, not the entire access list is removed. On newer computers, you
must first enter the command prompt mode before you can create ACLs. The following table
describes the commands you use to enter into command prompt mode.