nihal.akbulut Mon, 12/08/2003 - 00:33
You want to add new lines to your existing access-list, right? Then,

If your IOS is newer than 12.2(14)S, you can use the sequence numbering feature. You can check whether your IOS supports this feature with the "sh access-list 1" command. If that command's output looks like this:

10 deny ip host any

20 deny ip host any

the numbers at the beginning of each line are sequence numbers. So you can easily add your new lines with sequence numbers (which show where to put the lines) to the existing access-list. Otherwise (if your IOS doesn't support this feature), you have to copy the access-list to a text editor and make your changes, remove the access-list from the router with the "no access-list 1" command, and then paste the new access-list back to the router...

For the feature above, you can check the document below:

Or, if your question is how to write that access-list, here it is (if the protocol is IP):

access-list 1 permit ip

access-list 1 permit ip

Don't forget that all traffic will be blocked except what we permitted above, because of the implicit deny rule.

Hope this helps.
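
The sequence-number workflow described in the post above, as an added example that is not part of the original post. It assumes an extended ACL numbered 101 and constructed addresses from the 192.0.2.0/24 documentation range; the `show` output is constructed sample output, not a capture.

```cisco
! Added example. ACL number 101, all addresses and the show output
! are constructed placeholders.

! 1. Check whether entries are listed with sequence numbers.
Router# show access-lists 101
Extended IP access list 101
    10 deny ip host 192.0.2.10 any
    20 deny ip host 192.0.2.20 any

! 2. Insert a new entry between 10 and 20 by giving it sequence number 15.
Router# configure terminal
Router(config)# ip access-list extended 101
Router(config-ext-nacl)# 15 permit ip host 192.0.2.15 any
Router(config-ext-nacl)# end

! 3. Verify the order. Entries are evaluated top-down, first match wins,
!    and anything that matches no entry hits the implicit deny at the end.
Router# show access-lists 101
Extended IP access list 101
    10 deny ip host 192.0.2.10 any
    15 permit ip host 192.0.2.15 any
    20 deny ip host 192.0.2.20 any

! 4. Remove a single entry by its sequence number, leaving the rest in place.
Router# configure terminal
Router(config)# ip access-list extended 101
Router(config-ext-nacl)# no 15
Router(config-ext-nacl)# exit

! 5. If no free numbers remain between two entries, renumber the list
!    (start at 10, step 10) and then insert as in step 2.
Router(config)# ip access-list resequence 101 10 10
Router(config)# end
```

Editing in place this way avoids the window in which the ACL is removed and not yet re-pasted, which is the drawback of the "no access-list" and paste method on a list that is applied to an interface.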


