Cisco Support Community

New Member

Basic ACL Questions

On a 2514 with 11.2 IOS, I'm trying to implement multiple ACLs to block all access to about 55 host addresses. I cannot seem to put them all into one ACL. When I do, the list just disappears, and I'm unclear on how properly to set up multiple lists of about 10 addresses each.

Does each list, say 101-105, need a "permit ip any any" at the end, or just the final list applied to the interface? Will the lists be processed in numerical order or in the order in which they're applied to the interface? I'm assuming that I would implement the lists inbound on the interface that has all the user machines for which I want to block these sites. All my PCs being on E0, I'll want to enter "ip access-group 101 in" for all the lists through 105, correct?

I purchased the Cisco Field Guide for Access Lists, but I cannot find anything about how multiple lists are processed. If there's a good resource online with the info I need, I'll really appreciate help finding it.

My thanks in advance.

Phil Hershey

New Member

Re: Basic ACL Questions

Each interface is allowed one ACL per protocol, per direction. Build a single access list and apply it to the interface.

New Member

Re: Basic ACL Questions

Thank you!

You'd think Cisco would have put that someplace prominent in their Access Lists Field Guide. :-)
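
The single-list approach from the answer above, written out as an IOS configuration. This is an added example, not part of the original thread; the blocked addresses are constructed placeholders from the documentation ranges, and list number 101 and interface Ethernet0 follow the question.

```cisco
! Constructed example: 192.0.2.x and 198.51.100.x are documentation
! addresses standing in for the hosts to block.
!
! Start from a clean list. On a numbered ACL, new lines are appended to
! the end, so a deny entered after an existing "permit ip any any"
! would never be reached.
no access-list 101
!
! One deny line per blocked destination host, all in the same list.
! Entries are checked top-down and the first match wins.
access-list 101 deny   ip any host 192.0.2.10
access-list 101 deny   ip any host 192.0.2.27
access-list 101 deny   ip any host 198.51.100.5
!
! Exactly one permit, as the last line of the list. Without it the
! implicit deny at the end of every ACL drops all remaining traffic.
access-list 101 permit ip any any
!
interface Ethernet0
 ! One IP access list per interface per direction: a second
 ! "ip access-group <n> in" here would replace 101, not add to it.
 ip access-group 101 in
```

Further hosts go in as additional `deny` lines above the final `permit`; `show access-lists 101` displays the resulting order.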
