ACL for distrubute list

danilodicesare · ‎01-20-2008

Hi all,

odd question....

I cannot use prefix list and i have to filter all except default route....but i can use just deny statement by now :(. otherwise will be simple :)

can i make and access-list for achieving that aim?

acl like: <IP><wildcard><subnet><wildcard>

THK anyway

Dany

Istvan_Rabai · ‎01-20-2008

Hi Danilo,

The acl will be like this:

access-list 1 permit 0.0.0.0 0.0.0.0

If you apply this acl into a distribute list, it will permit the default route, but deny anything else (implicit "deny any" at the end)

Cheers: Istvan

danilodicesare · ‎01-20-2008

THK a lot....i have no deny any any at end of ACL that i have to make...i know seems stupid but it's my situation :(

Dan

keeleym · ‎01-20-2008

Hi Dan

Although you did not type "access-list 1 deny any any" it is there by default. It is "implicit". All access lists end with a deny any any at the end.

So by implementing the access list shown by the previous poster, you are only allowing the default route, all other routes are automatically blocked by the implicit deny any any that is automatically placed at the end of the access list.

Best Regards,

Michael

danilodicesare · ‎01-20-2008

hi all,

i know, all of you are right...it's a logical question.....

i was not clear i know :)

i would just know if it is possible or not.

thk all

Dani