Vous êtes sur la page 1sur 1

The syntax for the Standard ACL statement is:

access-list [access-list-number] [deny|permit] [source address] [source-wildcard


][log]
Document the function of each section or statement of the ACL using the remark c
ommand:
access-list [list number] remark [text]
To delete an ACL, use the command:
no access-list [list number]

Assign an ACL to one or more interfaces, specifying either inbound traffic or ou


tbound traffic. Apply a standard ACL as close to the destination as possible.
R2(config-if)#ip access-group [list number] [in | out]
The following commands place access-list 5 on the R2 Fa0/0 interface filtering i
nbound traffic:
R2(config)#interface fastethernet 0/0
R2(config-if)#ip access-group 5 in
To remove an ACL from an interface while leaving the ACL intact, use the
no ip access-group interface command.

Displays IP interface information and indicates any assigned ACLs.


show access-list [access list number]
. To see a specific list, add the ACL name or number as an option for this comma
nd.

show running-config
A Named ACL is created with the command:
ip access-list {standard | extended} name
The process used to create the VTY access control list is the same as for an int
erface. However, applying the ACL to a VTY line uses a different command. Instea
d of using the ip access-group command, use the access-class command
show clock
*00:03:45.213 UTC Mon Mar 1 2007