access list

maldives · ‎12-05-2003

how can i add the following access list 1

permit 10.4.1.0, wildcard bits 0.0.0.255

permit 10.14.1.0, wildcard bits 0.0.255.255

nihal.akbulut · ‎12-08-2003

hi,

you want to add new lines to your existing access-list,right? Then,

if your IOS is newer than 12.2(14)S you can use sequence umbering feature. You can check that your IOS supports this feature with sh access-list 1 command. If that command output is like this :

10 deny ip host 10.200.11.13 any

20 deny ip host 10.200.119.12 any

the numbers at beginning of each line are sequnce number. so you can easily add your new lines with sequence numbers (shows where to put the lines) to the existing access-list. otherwise (if your IOS doesn't support this feauture), you have to copy access-list to a text-editor and make your changes, remove access-list from router with "no access-list 1" command and then paste new access-list back to router...

for the feature above you can check the document below:

http://www.cisco.com/en/US/products/sw/iosswrel/ps1838/products_feature_guide09186a0080134a60.html

or if your question is how to write that access-list, here it is: (if the protocol IP)

access-list 1 permit ip 10.4.1.0 0.0.0.255

access-list 1 permit ip 10.14.1.0 0.0.255.255

don't forget all traffic will be blocked except we permitted above.because of the implicit deny rule.

hope this helps..