Con?¬?guring ACLs 235
Creating Named Extended IP ACLs
The steps required to con?¬?gure and apply a named extended IP ACL on a router are as follows:
Step 1 De?¬?ne a standard named IPv4 ACL. Use the ip access-list extended global
con?¬?guration command.
RouterX(config)# ip access-list extended name
De?¬?ne the list using a unique name. A descriptive name can be helpful
when examining the con?¬?guration of the router.
Step 2 Enter the following command syntax to establish test parameters:
RouterX(config-ext-nacl)# [sequence-number] {ddeennyy | ppeerrmmiitt} protocol source
source-wildcard destination destination-wildcard [option]
In access list con?¬?guration mode, specify the conditions allowed or denied.
You can use the keyword any to abbreviate an address of 0.0.0.0 with a
wildcard mask of 255.255.255.255 for the source address, destination
address, or both. You can use the keyword host to abbreviate a wildcard
mask of 0.0.0.0 for the source address or destination address. Place the
keyword host in front of the address.
Step 3 Exit from named access list con?¬?guration mode:
RouterX(config-ext-nacl)#eexxiitt
RouterX(config)#
Step 4 Select a desired interface to be con?¬?gured.
Pages:
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358