adding entries to access list

carl_townshend · ‎11-07-2006

hi all, can anyone give me the command to add entries in between access lists, i know you out a sequence nymber but where do you out it ?

glen.grant · ‎11-07-2006

Just do a "show access-lists and that will give you the syntax if the router supports it .I believe this function started with 12.2T train or 12.3 mainline IOS . I believe the number just goes in front of the permit or deny statement in a "named access list" in acl config mode .

sundar.palaniappan · ‎11-07-2006

Show access-list will show the sequence #s, if supported. Then, from the access-list sub-mode configure the sequence # followed the access control entry as shown below.

R3#show access-list 100

Extended IP access list 100

5 permit ip any 10.0.0.0 0.255.255.255

10 permit ip any 172.16.1.0 0.0.0.255

20 permit ip any 192.168.1.0 0.0.0.255

R3#config t

Enter configuration commands, one per line. End with CNTL/Z.

R3(config)#ip access-list extended 100

R3(config-ext-nacl)#2 deny ip any 10.1.1.0 0.0.0.255

R3(config-ext-nacl)#end

R3#show access-list 100

Extended IP access list 100

2 deny ip any 10.1.1.0 0.0.0.255

5 permit ip any 10.0.0.0 0.255.255.255

10 permit ip any 172.16.1.0 0.0.0.255

20 permit ip any 192.168.1.0 0.0.0.255

HTH

Sundar