Access-list

From wikieduonline
Revision as of 07:53, 16 March 2021 by Welcome (talk | contribs)
Jump to navigation Jump to search


 R1(config)#access-list ?
 <1-99>            IP standard access list
 <100-199>         IP extended access list
 <1300-1999>       IP standard access list (expanded range)
 <2000-2699>       IP extended access list (expanded range)
 <2700-2799>       MPLS access list
 acl-ace-limit     set the max configurable ace limit for all ACLs
 acl-limit         Set the max configurable acl limit
 dynamic-extended  Extend the dynamic ACL absolute timer
 global-ace-limit  set the max ace limit for the entire system
 rate-limit        Simple rate-limit specific access list

access-list (IP standard)

access-list <access-list-number> {deny | permit} <source> [<source-wildcard>] [log]

Example:

conf t
access-list 1 deny 127.0.0.0 0.255.255.255 log
access-list 1 permit any

access-list (IP extended)

access-list <access-list-number> [dynamic <dynamic-name> [timeout <minutes>]] {deny | permit} <protocol> <source> <source-wildcard> <destination> <destination-wildcard> [log | log-input]]

Example:

access-list 101 permit tcp host 192.168.5.6 host 192.168.1.1 eq telnet
access-list 101 deny tcp any any eq telnet log
access-list 101 permit ip any any


Example

access-list 106 permit ip 10.10.10.0 0.0.0.255 any
deny ip any any

Related terms

See also

Advertising: