PurposeCommand or Action
Creates an IP standard access list, repeating the command as
many times as necessary.
Use one of the following:
Step 4
•
access-listaccess-list-number
{deny| permit}
or
source
Creates an IP extended access list, repeating the command as
many times as necessary.
[source-wildcard]
• access-list-number—Enters the same number created in
Step 2. The range is 1 to 99 for standard access lists
and 100 to 199 for extended lists.
•
access-listaccess-list-number
{deny| permit}
protocol source
source-wildcard destination
destination-wildcard
• deny—Denies access if the conditions are matched. The
permit keyword permits access if the conditions are
matched.
Example:
Device(config)# access list 21
permit 194.1.22.0
• protocol—Enters ip as the protocol name.
• source—Enters the number of the network or host from
which the packet is being sent.
or
Device(config)# access list 21
permit ip 194.1.22.0 1.1.1.1
• source-wildcard—Enters the wildcard bits in dotted
decimal notation to be applied to the source. Place ones
in the bit positions that you want to ignore.
194.3.44.0 1.1.1.1
• destination—Enters the number of the network or host to
which the packet is being sent.
• destination-wildcard—Enters the wildcard bits in dotted
decimal notation to be applied to the destination. Place
ones in the bit positions that you want to ignore.
Recall that the access list is always terminated by an implicit
deny statement for everything.
Returns to privileged EXEC mode.end
Example:
Device(config)# end
Step 5
Verifies your entries.show running-config
Example:
Device# show running-config
Step 6
(Optional) Saves your entries in the configuration file.copy running-config
startup-config
Step 7
Example:
Device# copy running-config
Routing Configuration Guide, Cisco IOS XE Everest 16.6.x (Catalyst 9500 Switches)
34
Configuring MSDP
Controlling Source Information that Your Switch Originates
To Next Page
Loading...
