Users Guide
Layer 2 Switching Commands 276
ip access-list
Use the ip access-list command in Global Configuration mode to create an
Access Control List (ACL) that is identified by the parameter list-name and
to enter IPv4-Access-List configuration mode. If parameterized with the
name of an existing access list, additional match clauses are added to the end
of the access list.
Syntax
ip access-list list-name [extended]
no ip access-list list-name
•
list-name
—Access-list name up to 31 characters in length.
Default Configuration
This command has no default configuration.
Command Mode
Global Configuration mode
User Guidelines
Access lists use the extended access list format. Multiple permit and deny
clauses and actions may be specified without requiring the access list name to
be entered each time. Permit and deny clauses are entered in order from the
first match clause when in Access List Configuration mode.
ACL names are global. An IPv6 access list cannot have the same name as an
IPv4 access list. Access list names can consist of any printable character
except a question mark. Names can be up to 31 characters in length. ACLs
referenced in a route map may not be edited. Instead, create a new ACL with
the desired changes and refer to the new ACL in the route map.
deny | permit (IP ACL)
Use this command in Ipv4-Access-List Configuration mode to create a new
rule for the current IP access list. Each rule is appended to the list of
configured rules for the list if no sequence number is specified. Use the no
form of the command to delete an existing permit/deny clause.