Adding to an ACL

Answered Question
Aug 4th, 2010
User Badges:
  • Blue, 1500 points or more

This is already configured

ip access-list standard INCARRIER
permit 10.10.4.0 0.0.0.255
permit 10.10.204.0 0.0.0.255
permit 10.10.33.0 0.0.0.255

and I want to add this

permit 10.10.7.0 0.0.0.255

and I want it to look like this

ip access-list standard INCARRIER
permit 10.10.4.0 0.0.0.255
permit 10.10.204.0 0.0.0.255
permit 10.10.33.0 0.0.0.255
permit 10.10.7.0 0.0.0.255


would I do this


2821#config t
Enter configuration commands, one per line.  End with CNTL/Z.
2821(config)#ip access-list standard INCARRIER
2821(config-std-nacl)#permit 10.10.7.0 0.0.0.255


or would I need to do this


2821#config t
Enter configuration commands, one per line.  End with CNTL/Z.
2821(config)#ip access-list standard INCARRIER
2821(config-std-nacl)#permit 10.10.4.0 0.0.0.255
2821(config-std-nacl)#permit 10.10.204.0 0.0.0.255
2821(config-std-nacl)#permit 10.10.33.0 0.0.0.255
2821(config-std-nacl)#permit 10.10.7.0 0.0.0.255



Thanks,

Mike

Correct Answer by Collin Clark about 6 years 7 months ago

Mike-


You can add just the new network, no need to add them all again.


2821#config t
Enter configuration commands, one per line.  End with CNTL/Z.
2821(config)#ip access-list standard INCARRIER
2821(config-std-nacl)#permit 10.10.7.0 0.0.0.255


Hope it helps.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (2 ratings)
Loading.
Correct Answer
Collin Clark Wed, 08/04/2010 - 08:52
User Badges:
  • Purple, 4500 points or more

Mike-


You can add just the new network, no need to add them all again.


2821#config t
Enter configuration commands, one per line.  End with CNTL/Z.
2821(config)#ip access-list standard INCARRIER
2821(config-std-nacl)#permit 10.10.7.0 0.0.0.255


Hope it helps.

burleyman Wed, 08/04/2010 - 09:06
User Badges:
  • Blue, 1500 points or more

Thanks, that is what I thought but wanted to cover my bases.


One more based on that......If I wanted to add in the middle I would need to do this.....correct?


2821#config t
Enter configuration commands, one per line.  End with CNTL/Z.
2821(config)#ip access-list standard INCARRIER
2821(config-std-nacl)#permit 10.10.4.0 0.0.0.255
2821(config-std-nacl)#permit 10.10.204.0 0.0.0.255
2821(config-std-nacl)#permit 10.10.7.0 0.0.0.255

and no need add the last permit


and the result would be


ip access-list standard INPAETEC
permit 10.10.4.0 0.0.0.255
permit 10.10.204.0 0.0.0.255
permit 10.10.7.0 0.0.0.255
permit 10.10.33.0 0.0.0.255


Mike

Collin Clark Wed, 08/04/2010 - 09:12
User Badges:
  • Purple, 4500 points or more

Mike-


Those dang standard ACLs don't have sequence numbers. The order you put them makes no difference in how they show up in the config. If you need to arrange them in a specific order you'll have to use extended ACLs.

burleyman Wed, 08/04/2010 - 09:16
User Badges:
  • Blue, 1500 points or more

Thanks for your help.



Mike

Actions

This Discussion