Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

access-list [line-num]

Too often I see in the access-list statement, there is a line number set to 1, like this:

access-list id_test 1 permit...

The doc's desc says: "The line number at which to insert a remark or an access control element (ACE)."

I can understand its "wording", but never "truly" understand it. :)

Could anybody explain it by giving an example?

Thanks to help.

Scott

2 REPLIES
New Member

Re: access-list [line-num]

Not sure where you are going with this but maybe this example with shed some light.

router#sh ip access-list

Extended IP access list 102

10 deny ip 10.11.12.0 0.0.0.255 172.17.0.0 0.0.0.255 (224340 matches)

11 deny ip 10.11.12.0 0.0.0.255 10.0.5.0 0.0.0.255 (170 matches)

20 permit ip 10.11.12.0 0.0.0.255 any (188779 matches)

30 permit ip 10.130.0.0 0.0.0.255 any (434 matches)

40 permit ip 10.140.0.0 0.0.0.255 any (292 matches)

So you could go into that access-list like this:

router(config)#ip access-list extended 102

router(config-ext-nacl)#21 permit ip host x.x.x.x host x.x.x.x

That is good for adding a line into the acl. Of you can do "no 20" to remove line 20 from the ACL.

I dont know of a way to add a remark to the acl after the fact, but that doesnt mean there isnt a way. I just dont know it.

Hope this helps.

hvm
New Member

Re: access-list [line-num]

Scott,

On configure terminal mode try using this example:

[no] access-list id_test line 1 permit...

see ya

130
Views
0
Helpful
2
Replies
CreatePlease to create content