ACL

Unanswered Question
Oct 29th, 2009
User Badges:

Hi

How can I add a line without removing the deny statement and applying again.


access-list 50 permit 192.168.1.0 0.0.0.255

access-list 50 permit 192.168.2.0 0.0.0.255

access-list 50 permit 192.168.3.0 0.0.0.255

access-list 50 permit 192.168.4.0 0.0.0.255

access-list 50 permit 192.168.5.0 0.0.0.255

access-list 50 deny any any

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Lucien Avramov Thu, 10/29/2009 - 11:38
User Badges:
  • Red, 2250 points or more

You can not.

You need to remove and re-add the ACL.


simontibbitts Thu, 10/29/2009 - 11:41
User Badges:
  • Silver, 250 points or more

Hi Joe.


If your IOS supports it then you can do it like this:


R1#show access-list 50

Standard IP access list 50

10 permit 192.168.1.0, wildcard bits 0.0.0.255

20 permit 192.168.2.0, wildcard bits 0.0.0.255

30 permit 192.168.3.0, wildcard bits 0.0.0.255

40 permit 192.168.4.0, wildcard bits 0.0.0.255

50 permit 192.168.5.0, wildcard bits 0.0.0.255

60 deny any

R1#config t

Enter configuration commands, one per line. End with CNTL/Z.

R1(config)#ip access-list standard 50

R1(config-std-nacl)#51 permit 192.168.6.0 0.0.0.255

R1(config-std-nacl)#exit

R1(config)#exit

R1#show access-list 50

Standard IP access list 50

10 permit 192.168.1.0, wildcard bits 0.0.0.255

20 permit 192.168.2.0, wildcard bits 0.0.0.255

30 permit 192.168.3.0, wildcard bits 0.0.0.255

40 permit 192.168.4.0, wildcard bits 0.0.0.255

50 permit 192.168.5.0, wildcard bits 0.0.0.255

51 permit 192.168.6.0, wildcard bits 0.0.0.255

60 deny any

R1#


Simon

Actions

This Discussion