04-15-2023 08:41 AM
Hi, I am trying to create an access list and I keep getting a syntax error on this command:
access-list 1 deny 10.10.10.0 0.0.0.255 10.10.20.0 0.0.0.255
^
The error marker is on the start of the second VLAN IP. I am pretty sure the wildcard mask is correct because it is a simple /24 network.
04-15-2023 08:47 AM
@sl236 you need to define an extended ACL, which is numbered 100-199; you also need to define the protocol (ip, tcp, udp, etc.). Example (modifications in bold):
access-list 100 deny ip 10.10.10.0 0.0.0.255 10.10.20.0 0.0.0.255
FYI, you can also configure a named ACL to achieve the same thing.
04-15-2023 08:47 AM
access-list 1 deny 10.10.10.0 0.0.0.255 10.10.20.0 0.0.0.255 <<- standard ACLs only allow source OR destination
You need to use an extended ACL (it starts with 100)
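Added example (not part of the thread or either poster's code): a Python sketch showing why the original line is rejected and how the corrected extended entry matches traffic through its wildcard masks. It parses only the address/wildcard form used in the thread; the number ranges are the usual IOS numbered-ACL ranges, and the final permit entry and the test addresses are constructed for illustration.

```python
import ipaddress

STANDARD = (range(1, 100), range(1300, 2000))    # matches on source address only
EXTENDED = (range(100, 200), range(2000, 2700))  # protocol + source + destination
ANY = (0, 0xFFFFFFFF)                            # wildcard of all ones ignores every bit

def _ip(text):
    return int(ipaddress.IPv4Address(text))

def parse_entry(line):
    """Parse 'access-list N permit|deny [proto] src wildcard [dst wildcard]'."""
    tok = line.split()
    if len(tok) < 5 or tok[0] != "access-list" or tok[2] not in ("permit", "deny"):
        raise ValueError("unsupported line")
    number, action, rest = int(tok[1]), tok[2], tok[3:]
    if any(number in r for r in STANDARD):
        if len(rest) != 2:
            raise ValueError(f"ACL {number} is standard (source only); unexpected: {' '.join(rest[2:])}")
        return {"action": action, "proto": "ip", "src": (_ip(rest[0]), _ip(rest[1])), "dst": ANY}
    if any(number in r for r in EXTENDED):
        if len(rest) != 5:
            raise ValueError(f"ACL {number} is extended; expected protocol, source and destination")
        proto, s, sw, d, dw = rest
        return {"action": action, "proto": proto, "src": (_ip(s), _ip(sw)), "dst": (_ip(d), _ip(dw))}
    raise ValueError(f"{number} is not a numbered IPv4 ACL")

def _hit(addr, pair):
    base, wild = pair
    keep = ~wild & 0xFFFFFFFF  # wildcard 0-bits must match, 1-bits are ignored
    return (_ip(addr) & keep) == (base & keep)

def evaluate(entries, proto, src, dst):
    """First matching entry wins; no match falls through to the implicit deny."""
    for e in entries:
        if e["proto"] in ("ip", proto) and _hit(src, e["src"]) and _hit(dst, e["dst"]):
            return e["action"]
    return "deny"

def explain(line):
    try:
        parse_entry(line)
        return "accepted"
    except ValueError as err:
        return str(err)

ASKED = "access-list 1 deny 10.10.10.0 0.0.0.255 10.10.20.0 0.0.0.255"
FIXED = "access-list 100 deny ip 10.10.10.0 0.0.0.255 10.10.20.0 0.0.0.255"
# Constructed entry, not from the thread: without it the implicit deny drops everything else.
PERMIT_REST = "access-list 100 permit ip 0.0.0.0 255.255.255.255 0.0.0.0 255.255.255.255"
```

With only the deny entry in ACL 100, every packet is dropped once the list is applied, because traffic that matches no entry hits the implicit deny.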