Re: ACL, "default" key word

DanielD · ‎08-05-2018

Hi all!

I'm trying to understand why the keyword "default" in the ACL is needed.

R3(config-ext-nacl)#?       
Ext Access List configuration commands:
  <1-2147483647>  Sequence Number
  default         Set a command to its defaults
  deny            Specify packets to reject
  permit          Specify packets to forward
......

R3(config-ext-nacl)#default permit icmp any any

R3(config-ext-nacl)#do sh access-l
Extended IP access list log-test-1
    10 permit ospf any any (1201 matches)

R3#sh running-config 
.....
ip access-list extended log-test-1
 permit ospf any any
!
.....

In the output of the command "show access-list" and in the output of the config (show running-config) it is not displayed. Please, tell me why it is needed and how to apply it.

Dennis Mink · ‎08-05-2018

usually what you do is you give your ACL a meaningfull name, like

access-list outside_access_in for instance and you add to that access list and then apply that access list to the interface (outside in this case).

your default command applies to the default acl that gets applied to an interface, by default.

Please remember to rate useful posts, by clicking on the stars below.

DanielD · ‎08-05-2018

Thank you very much for your reply, but unfortunately, it has not helped much. Tried to repeat what you said - did not work. Will not it make it difficult for you to show a listing or pseudo-listing of step-by-step usage so i can see how to apply it?