Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Configuring Extended Access List with Any statement

I have several questions where I'm fuzzy on a configuration already on my network.  Whoever setup my network before me just put the same access-lists on all the interfaces at three different locations --

1.  Are extended access-lists always source then destination?  Like in the following statement:

permit ip host any - Is the source and destination any?

2.  Further down though there is:

permit tcp any host eq 443.

In that case is the source any host and the destination ?

This had been placed on an inbound access-list but 4.11 is not internal to that network so I don't think that statement if valid.

3.  Also, when you do a:

sho ip access-list -

Not many of the line items in that access have any counts - does that mean nothing is hitting them or like I think they could be misconfigured?


Everyone's tags (3)