PurposeCommand or Action
Example:
Device(config-std-nacl)# 105 deny 10.6.6.7
0.0.0 255
Specifies a permit statement in named IP access list mode.Do one of the following:
Step 7
•
sequence-number permit source
source-wildcard
•
This access list happens to use a permitstatement first, but
a deny statement could appear first, depending on the order
of statements you need.
•
sequence-number permit protocol source
source-wildcard destination destination-wildcard
•
See the permit (IP) command for additional command
syntax to permit upper layer protocols (ICMP, IGMP, TCP,
and UDP).
[precedence precedence][tos tos] [log]
[time-range time-range-name] [fragments]
•
Use the no sequence-number command to delete an entry.
Example:
Device(config-ext-nacl)# 150 permit tcp any
any log
(Optional) Specifies a deny statement in named IP access list
mode.
Do one of the following:
Step 8
•
sequence-number deny source source-wildcard
•
This access list happens to use a permitstatement first, but
a deny statement could appear first, depending on the order
of statements you need.
•
sequence-number deny protocol source
source-wildcard destination destination-wildcard
[precedence precedence][tos tos] [log]
[time-range time-range-name] [fragments]
•
See the deny (IP) command for additional command syntax
to permit upper layer protocols (ICMP, IGMP, TCP, and
UDP).
Example:
Device(config-ext-nacl)# 150 deny tcp any any
log
•
Use the no sequence-number command to delete an entry.
Allows you to revise the access list.Repeat Step 5 and/or Step 6 to add sequence number
statements, as applicable.
Step 9
(Optional) Exits the configuration mode and returns to privileged
EXEC mode.
end
Example:
Device(config-std-nacl)# end
Step 10
(Optional) Displays the contents of the IP access list.
show ip access-lists access-list-name
Example:
Device# show ip access-lists kmd1
Step 11
Consolidated Platform Configuration Guide, Cisco IOS Release 15.2(4)E (Catalyst 2960-X Switches)
1198
How to Configure ACLs
To Next Page
Loading...
