Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

Cisco 3750-E Access List

Hello, I'm trying to create an access-list to use with policy-based routing. When I create the access list it morphs into something else and I'm not sure exactly why. Here is what I type from the command line:

access-list extended PBR

deny ip host 10.4.31.20 10.1.0.0 255.255.0.0

deny ip host 10.4.31.20 10.3.0.0 255.255.0.0

deny ip host 10.4.31.20 10.4.0.0 255.255.0.0

deny ip host 10.4.31.20 10.8.0.0 255.255.0.0

permit ip host 10.4.31.20 any

After that has been entered (without any errors) and I type show run, here is what it becomes:

ip access-list extended PBR

deny ip host 10.4.31.20 0.0.0.0 255.255.0.0

permit ip host 10.4.31.20 any

Any idea why it does that? I was thinking it has something to do with the classless function, or some other subnet related issue. If it matters, right now I have "ip classless" and "ip subnet-zero" in the configuration. Any ideas? Thanks!

3 REPLIES

Re: Cisco 3750-E Access List

Joe,

Would you please use "Wildcard mask" in ACL? (grin)

F.e

deny ip host 10.4.31.20 10.8.0.0 0.0.255.255

Note: I'm not sure why Cisco allows us to do that. It's not fair. J/K

Please let me know how things work out.

HTH,

Toshi

Community Member

Re: Cisco 3750-E Access List

Argh!! Completely lame on my part. I am so used the ASA configuration and I haven't touched access lists in IOS in a few years. Thank you for pointing that out!

Community Member

Re: Cisco 3750-E Access List

Argh!! Completely lame on my part. I am so used the ASA configuration and I haven't touched access lists in IOS in a few years. Thank you for pointing that out!

288
Views
4
Helpful
3
Replies
CreatePlease to create content