
ACLs ... to ip or not to ip ....

I'm sure this has been asked before, but it has bugged me for some time now.

What is the difference between

R1(config)#access-list 12 permit 192.168.6.0 0.0.0.255

and

R1(config)#ip access-list standard 12

R1(config-std-nacl)#permit 192.168.6.0 0.0.0.255
             

Using access-lists with and without the ip keyword has always confused me.

I find that if I use the first method above, the distribute-list command that I use when applying redistribution filters works (distribute-list 12 out ospf 1). However, if I use the second method to create my ACL, the command is accepted but the filtering fails.

Can someone clarify once and for all the difference between the two and when/why I should use one over another?


Reza Sharifi
Hall of Fame

The 2 access-lists are the same, except that with the second one you can actually name the access list instead of using a number.

example:

Switch(config)#ip access-list standard test  

Switch(config-std-nacl)#permit 172.16.1.1             

Switch(config-std-nacl)#permit 172.16.1.2

Switch(config-std-nacl)#permit 172.16.1.3

Switch(config-std-nacl)#do sh access-list test 

Standard IP access list test

    10 permit 172.16.1.1

    30 permit 172.16.1.3

    20 permit 172.16.1.2

Switch(config-std-nacl)#

Not sure why your second one is not filtering correctly.

HTH
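
An added example, not part of the original thread and not Cisco code: a simplified Python model that parses both syntaxes from the question into the same entry list, then evaluates a source address with wildcard-mask matching and the implicit deny. It assumes standard ACLs only and models the ACL definition, not distribute-list behaviour; the function names and sample strings are constructed for illustration.

```python
import ipaddress

# Constructed sample configs: the two forms shown in the question.
NUMBERED = "access-list 12 permit 192.168.6.0 0.0.0.255"
NAMED = """ip access-list standard 12
 permit 192.168.6.0 0.0.0.255"""

def _ip(text):
    return int(ipaddress.IPv4Address(text))

def _entry(action, words):
    """Turn the operands of a permit/deny line into (action, addr, wildcard)."""
    if words[0] == "any":
        return (action, 0, 0xFFFFFFFF)
    if words[0] == "host":
        return (action, _ip(words[1]), 0)
    wildcard = _ip(words[1]) if len(words) > 1 else 0  # no wildcard = one host
    return (action, _ip(words[0]), wildcard)

def parse_standard_acls(config):
    """Return {acl_id: [(action, addr, wildcard), ...]} for both syntaxes."""
    acls, current = {}, None
    for line in config.splitlines():
        words = line.split()
        if words and words[0].isdigit():      # drop a leading sequence number
            words = words[1:]
        if not words:
            continue
        if words[:3] == ["ip", "access-list", "standard"] and len(words) > 3:
            current = words[3]                # enter named/numbered sub-mode
            acls.setdefault(current, [])
        elif words[0] == "access-list" and len(words) > 3 \
                and words[2] in ("permit", "deny"):
            current = None                    # global one-line form
            acls.setdefault(words[1], []).append(_entry(words[2], words[3:]))
        elif words[0] in ("permit", "deny") and current is not None:
            acls[current].append(_entry(words[0], words[1:]))
    return acls

def evaluate(entries, source):
    """First match wins; wildcard bits set to 1 are ignored; implicit deny last."""
    src = _ip(source)
    for action, addr, wildcard in entries:
        care = ~wildcard & 0xFFFFFFFF
        if (src & care) == (addr & care):
            return action
    return "deny"
```

Comparing `parse_standard_acls(NUMBERED)` with `parse_standard_acls(NAMED)` gives identical entries for ACL 12, which is a quick way to confirm that two differently written configs define the same filter.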
