Just went through this process myself in the
last week. I found this article to be helpfull:
"Define, Design, Refine -- Basic Steps Toward a Proper Access List"
>Date: Thu, 29 Jan 1998 10:18:49 -0500
>From: Thomas Gray <GRAY @
>Subject: access-list on Cisco 7010
>I am trying to create an access-list on my default router (running
>firmware level 10.3)
>that will allow ALL access to 95% of my hosts, but restricting the sites
>on the other
>Anybody with experience with this, could you please send example
>overall router config.
>Asst. Mgr. Computing/Networking
>Toledo-Lucas County Public Library
Network & Systems Security Admin.
Matrox Electronic Systems Ltd.