Adding to an ACL

Answered Question
Aug 4th, 2010

This is already configured

ip access-list standard INCARRIER
permit 10.10.4.0 0.0.0.255
permit 10.10.204.0 0.0.0.255
permit 10.10.33.0 0.0.0.255

and I want to add this

permit 10.10.7.0 0.0.0.255

and I want it to look like this

ip access-list standard INCARRIER
permit 10.10.4.0 0.0.0.255
permit 10.10.204.0 0.0.0.255
permit 10.10.33.0 0.0.0.255
permit 10.10.7.0 0.0.0.255


would I do this


2821#config t
Enter configuration commands, one per line.  End with CNTL/Z.
2821(config)#ip access-list standard INCARRIER
2821(config-std-nacl)#permit 10.10.7.0 0.0.0.255

or would I need to do this


2821#config t
Enter configuration commands, one per line.  End with CNTL/Z.
2821(config)#ip access-list standard INCARRIER
2821(config-std-nacl)#permit 10.10.4.0 0.0.0.255
2821(config-std-nacl)#permit 10.10.204.0 0.0.0.255
2821(config-std-nacl)#permit 10.10.33.0 0.0.0.255
2821(config-std-nacl)#permit 10.10.7.0 0.0.0.255

Thanks,

Mike

I have this problem too.
0 votes
Correct Answer by Collin Clark about 6 years 4 months ago

Mike-

You can add just the new network, no need to add them all again.


2821#config t
Enter configuration commands, one per line.  End with CNTL/Z.
2821(config)#ip access-list standard INCARRIER
2821(config-std-nacl)#permit 10.10.7.0 0.0.0.255

Hope it helps.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (2 ratings)
Loading.
Correct Answer
Collin Clark Wed, 08/04/2010 - 08:52

Mike-

You can add just the new network, no need to add them all again.


2821#config t
Enter configuration commands, one per line.  End with CNTL/Z.
2821(config)#ip access-list standard INCARRIER
2821(config-std-nacl)#permit 10.10.7.0 0.0.0.255

Hope it helps.

burleyman Wed, 08/04/2010 - 09:06

Thanks, that is what I thought but wanted to cover my bases.

One more based on that......If I wanted to add in the middle I would need to do this.....correct?

2821#config t
Enter configuration commands, one per line.  End with CNTL/Z.
2821(config)#ip access-list standard INCARRIER
2821(config-std-nacl)#permit 10.10.4.0 0.0.0.255
2821(config-std-nacl)#permit 10.10.204.0 0.0.0.255
2821(config-std-nacl)#permit 10.10.7.0 0.0.0.255

and no need add the last permit


and the result would be

ip access-list standard INPAETEC
permit 10.10.4.0 0.0.0.255
permit 10.10.204.0 0.0.0.255
permit 10.10.7.0 0.0.0.255
permit 10.10.33.0 0.0.0.255

Mike

Collin Clark Wed, 08/04/2010 - 09:12

Mike-

Those dang standard ACLs don't have sequence numbers. The order you put them makes no difference in how they show up in the config. If you need to arrange them in a specific order you'll have to use extended ACLs.

Actions

This Discussion