KB.15.15

NOTE: After a numbered ACL has been created (using access-list 1-99 | 100-199), it can be

managed as either a named or numbered ACL. For example, in an existing ACL with a numeric

identifier of "115", either of the following command sets adds an ACE denying IPv4 traffic from

any source to a host at 10.10.10.100:

HP Switch(config)# access-list 115 deny ip host 10.10.10.100

HP Switch(config)# ip access-list extended 115

HP Switch(config-ext-nacl)# deny ip any 10.10.10.100

Appending remarks and related ACEs to the end of an ACL

To include a remark for an ACE that will be appended to the end of the current ACL, enter the

remark first, then enter the related ACE. This results in the remark and the subsequent ACE having

the same sequence number. For example, to add remarks using the "Named-ACL" (nacl) context:

Figure 204 Appending a remark and its related ACE to the end of an ACL

You can also perform the operation illustrated in Figure 204 (page 292) by using the numbered,

access-list

< 1-99 | 100-199 >

syntax shown at the beginning of this section.

See “Operating notes for remarks” (page 316), for more details.

Inserting remarks and related ACEs within an existing list

To insert an ACE with a remark within an ACL by specifying a sequence number, insert the numbered

remark first, then, using the same sequence number, insert the ACE. This operation applies only

to ACLs accessed using the "Named-ACL" (nacl) context.

Figure 205 Inserting remarks

292 IPv4 Access Control Lists (ACLs)