Extended Access List filters the network traffic based on the SOURCE IP ADDRESS, Destination IP address, Protocol Field in the Network layer, Port NUMBER field at the Transport layer. Extended Access List ranges from 100 to 199, In expanded range 2000-2699. Extended Access List should be PLACED as close to source as possible. Since extended access list filters the traffic based on specific addresses (Source IP, Destination IP) and protocols we don’t want our traffic to traverse the entire network just to be denied wasting the bandwidth.

Example:-

• R1 (config) # access-list 110 deny tcp any host 192.168.1.1 eq 23
• R1 (config) # INT fa0/0
• R1 (config-if) # ip access-group 110 in

Extended Access List filters the network traffic based on the Source IP address, Destination IP address, Protocol Field in the Network layer, Port number field at the Transport layer. Extended Access List ranges from 100 to 199, In expanded range 2000-2699. Extended Access List should be placed as close to source as possible. Since extended access list filters the traffic based on specific addresses (Source IP, Destination IP) and protocols we don’t want our traffic to traverse the entire network just to be denied wasting the bandwidth.

Example:-