ACL Commands
ip access-list
The ip access-list global configuration command creates IP ACLs, and enters IP Access-list
configuration mode. To delete an IP ACL use the no form of this command.
Syntax
ip access-list name
no ip access-list name
•
name—Enter the IP ACL name consisting of a character string up to 32 characters long.
Default Configuration
All ACLs are deny-all by default.
Command Mode
Global Configuration mode
User Guidelines
ACLs on the system perform both access control and Layer 3 field classification. To define
Layer 3 fields access-lists the ip access-list command should be used.
ACLs cannot be removed when they are assigned to an interface (using service-acl
command).
The ip access-list command enters the IP-access list configuration mode.
Example
The following example creates an ACL with the name "Dell".
Console (config)# ip access-list Dell
Console (config-ip-al)#
permit (IP)
The permit ip access-list configuration mode command allows traffic if the conditions defined in
the permit statement are matched.
77
ACL Commands