10-74
IPv4 Access Control Lists (ACLs)
Configuring Extended ACLs
Figure 10-19. Example of Configuration Commands for Extended ACLs
Configuring Numbered, Extended ACLs
This section describes the commands for performing the following in a 
numbered, extended ACL:
■ creating the ACL by entering the first ACE in the list
■ appending a new ACE to the end of an existing ACL
For other IPv4 ACL topics, refer to the following:
 HP Switch(config)# ip access-list extended Extended-List-02
 HP Switch(config-ext-nacl)# permit tcp host 10.10.20.100 host
 10.10.30.55 eq ftp
 HP Switch(config-ext-nacl)# deny tcp 10.10.20.1/24 any eq ftp log
 HP Switch(config-ext-nacl)# permit ip any any
 HP Switch(config-ext-nacl)# exit
 HP Switch(config)# vlan 20 ip access-group Extended-List-02 in
HP Switch(config)# ip access-list extended Extended-List-01
 HP Switch(config-ext-nacl)# permit tcp host 10.10.10.44 host 
 10.10.20.78 eq telnet
 HP Switch(config-ext-nacl)# deny ip 10.10.10.1/24 10.10.20.1/24
 HP Switch(config-ext-nacl)# permit ip any any
 HP Switch(config-ext-nacl)# exit
 HP Switch(config)# vlan 10 ip access-group Extended-List in
 
A (Refer to figure 10-18 on page 
B (Refer to figure 10-18 on page 
Topic Page
configuring named, standard ACLs 10-52
configuring numbered, standard ACLs 10-55
configuring named, extended ACLs 10-61
applying or removing an ACL on an interface 10-81
deleting an ACL 10-85
editing an ACL 10-86
sequence numbering in ACLs 10-87
including remarks in an ACL 10-92
displaying ACL configuration data 10-97
creating or editing ACLs offline 10-107
enabling ACL “Deny” logging 10-112