Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
725
Views
4
Helpful
2
Replies

default rule for an applied access list

neo_christina
Level 1
Level 1

‎03-01-2007 12:11 AM - edited ‎03-05-2019 02:38 PM

Hi,

I wonder what is the default rule when there is no access list created but the access list is created to the interface.

Thanks.

Christina

Labels:
0 Helpful
2 Replies 2

smothuku
Level 7
Level 7

‎03-01-2007 12:14 AM

Hi Christina ,

Applying access-list to interface without access-list is no use.

It doesn't have any impact.

HTH

satish

0 Helpful

Richard Burts
Hall of Fame
Hall of Fame
In response to smothuku

‎03-01-2007 04:44 AM

Christina

If ip access-group is configured on an interface but the access list referred to does not exist, there are some old versions of IOS that would enforce the default deny any. But it has been the action of IOS for a long time that if the access list does not exist to permit any.

Be aware that as soon as the access list exists with a single statement that there is also the default deny any. This may become an issue if you are doing maintenance on an access list and have removed it so you can rebuild it. When you remove it, the action becomes permit any. But when you add the first statement to rebuild it there is a deny any at the end of the access list.

HTH

Rick

HTH

Rick
Customers Also Viewed These Support Documents