Configuring and Assigning a Numbered, Extended ACL
This section describes how to configure numbered, extended ACLs. To con
figure other ACL types, refer to the following table.
To Configure:
Standard, numbered ACLs
Named ACLs
While standard ACLs use only source IP addresses for filtering criteria,
extended ACLs allow multiple ACE criteria. This enables you to more closely
define your IP packet-filtering criteria. These criteria include:
■
■
■
■
■
You can configure extended ACLs with a numeric name in the range of 100
199. You can also configure extended ACLs with alphanumeric names. (Refer
to "Configuring a Named ACL" on page 9-51.)
Note
For a summary of ACL commands, refer to table 9-1, "Comprehensive Com
mand Summary", on page 9-6.
Refer To:
"Configuring and Assigning a Numbered, Standard ACL" on
page 9-40
"Configuring a Named ACL" on page 9-51
Source and destination IP addresses (required), in one of the
following options:
•
Specific host IP
•
Subnet or group of IP addresses
•
Any IP address
IP protocol (IP, TCP, or UDP)
Source TCP or UDP port (if the IP protocol is TCP or UDP)
Destination TCP or UDP port (if the IP protocol is TCP or UDP)
TCP or UDP eq operator (if the IP protocol is TCP or UDP)
IPv4 Access Control Lists (ACLs)
Configuring and Assigning an ACL
9-45