Cisco Catalyst 2960 Series

To Next Page

To Previous Page

Creating Extended Named ACLs

Follow these steps to create an extended ACL using names:

SUMMARY STEPS

enable

configure terminal

ip access-list extended name

{deny | permit} protocol {source [source-wildcard] | host source | any} {destination [destination-wildcard]

| host destination | any} [precedence precedence] [tos tos] [established] [log] [time-range

time-range-name]

end

show running-config

copy running-config startup-config

DETAILED STEPS

PurposeCommand or Action

Enables privileged EXEC mode. Enter your password if

prompted.

enable

Example:

Switch> enable

Step 1

Enters the global configuration mode.configure terminal

Example:

Switch# configure terminal

Step 2

Defines an extended IPv4 access list using a name, and enter

access-list configuration mode.

ip access-list extended name

Example:

Switch(config)# ip access-list extended 150

Step 3

The name can be a number from 100 to 199.

In access-list configuration mode, specify the conditions

allowed or denied. Use the log keyword to get access list

logging messages, including violations.

{deny | permit} protocol {source [source-wildcard] |

host source | any} {destination [destination-wildcard]

| host destination | any} [precedence precedence] [tos

tos] [established] [log] [time-range time-range-name]

Step 4

• host source—A source and source wildcard of source

0.0.0.0.

Example:

Switch(config-ext-nacl)# permit 0 any any

• host destintation—A destination and destination wildcard

of destination 0.0.0.0.

• any—A source and source wildcard or destination and

destination wildcard of 0.0.0.0 255.255.255.255.

Consolidated Platform Configuration Guide, Cisco IOS Release 15.2(4)E (Catalyst 2960-X Switches)

1190

How to Configure ACLs

Main Page

Table of Contents

Other manuals for Cisco Catalyst 2960 Series

Related product manuals