Cisco Support Community
Community Member

Extended Access Lists - Supported Protocols


I'm looking for a list of the protocols supported in the extended access list. I'm finding short lists with the usual, IP, TCP, UDP, ICMP, IGMP, etc. but they state that there are more. Searching TAC I'm not having much luck. Any link to a comprehensive list is really appreciated.

Cisco Employee

Re: Extended Access Lists - Supported Protocols

On a PIX or a router?

On a router, it's easy, just do the following:

sv1-8(config)#access-list 101 permit ?

<0-255> An IP protocol number

ahp Authentication Header Protocol

eigrp Cisco's EIGRP routing protocol

esp Encapsulation Security Payload

gre Cisco's GRE tunneling

icmp Internet Control Message Protocol

igmp Internet Gateway Message Protocol

ip Any Internet Protocol

ipinip IP in IP tunneling

nos KA9Q NOS compatible IP over IP tunneling

ospf OSPF routing protocol

pcp Payload Compression Protocol

pim Protocol Independent Multicast

tcp Transmission Control Protocol

udp User Datagram Protocol

On a PIX, thee's not really any easy way to decipher what's available. If you simply add an ACL in and use a IP protocol number that has a definition assigned to it, that definition is what will be displayed in the config automatically. For example, if you do:

> access-list 100 permit 50 ......

it will appear in the config as:

> access-list 100 permit esp ......

CreatePlease to create content