thotsaphon Tue, 04/21/2009 - 19:51
User Badges:
  • Gold, 750 points or more


I can't do that in a single line. I can do with a single ACL configured with 3 ACEs.


ip access-l ex TEST

permit tcp host any eq 443

permit tcp host any eq 443

permit tcp host any eq 443




rpfinneran Wed, 04/22/2009 - 02:31
User Badges:
  • Bronze, 100 points or more

This cannot be accomplished in one line. As noted above, you must use 3 lines if you only want to allow the specified hosts.

Leo Laohoo Wed, 04/22/2009 - 14:34
User Badges:
  • Super Gold, 25000 points or more
  • Hall of Fame,

    The Hall of Fame designation is a lifetime achievement award based on significant overall achievements in the community. 

  • Cisco Designated VIP,

    2017 LAN, Wireless

As what the others have posted, you can't put different hosts in ONE ACL statement.

You can, on the other hand, put in one statement a group of ports in an extended access list.

Rupesh Kashyap Thu, 04/23/2009 - 19:08
User Badges:

Hi, I heard this may be like-- (E.g Network ID and Wild Card). Any idea?//

jennyjohn Sun, 01/23/2011 - 03:59
User Badges:

I believe it is

permit tcp any eq 443

& permit tcp any eq 443    on an ASA

Very intresting question, have to go down to binary level to do this

mlund Mon, 01/24/2011 - 07:29
User Badges:
  • Silver, 250 points or more


You can do it in one line as jennyjohn has wrote it.
But I think jennyjohn missed one bit, it should be
permit tcp any eq 443  on an ios router

permit tcp any eq 443    on an ASA



This Discussion