In this white paper, we'll take a look at access control lists, often referred to as access lists or ACLs (sometimes pronounced "ackels"). In Cisco IOS, ACLs are used for many things, including but not limited to:

Filtering data packets (firewalling)

Controlling Telnet or SSH access to a router or switch

Filtering routing protocols

Specifying Quality of Service (QoS)

Controlling encryption

Controlling NAT (Network Address Translation)

Controlling Dial-on-Demand

The idea of an access list is straightforward: it permits some things, and denies others. What exactly is being “permitted” or “denied” varies according to the application of the ACL. Although access lists for other protocols (such as IPX, AppleTalk, MAC addresses, etc.) exist, we'll be focusing on IP access lists. In general, only routers
and multi-layer switches understand IP access lists.