How to configure Named ACL?

author
,
Network Engineer
  • Total 1 Answer
  • 2786
Can You answer this question?
author
,
CCNA Routing and Switching

Named ACL :  Named ACl has several advantages over simple ACl

1. we can edit our access-list and change the sequence of permit/deny statements .

2. We can provide name to ACL's which can be easy to remember instead of numbers.

3.Only once we have to write acl name or number and then we can type all statments into it.

How to Confiure it : 

R1(config)# ip access-list < Standard / Extended > < Name_of_ACL / ACL_Number >  Enter

R1(config-std-nacl)# [ <Sequence_Number > ] < permit / deny  > then ip's.

 

ex. Standard Named ACL : 

R1(config)#ip access-list standard 1 

R1(config-std-nacl)#10 permit host 10.0.0.1

R1(config-std-nacl)#25 permit any

R1(config-std-nacl)# exit

TO Verify : 

R1#show ip access-lists 
Standard IP access list 1
    20 deny   10.0.0.3
    10 permit 10.0.0.1
    25 permit any

Don't forget to apply it on a specific interface inbound or outbound : 

R1(config)#int fa0/0
R1(config-if)#ip access-group 1 in
R1(config-if)#exit

ex : Extended Named ACl : 

R1(config)#ip access-list extended DENY_NET_10

R1(config-ext-nacl)#deny ip 10.0.0.0 0.255.255.255 any

R1(config-ext-nacl)#permit ip any any 
R1(config-ext-nacl)#exit

R1(config)#do show ip access-lists

Extended IP access list DENY_NET_10
    10 deny ip 10.0.0.0 0.255.255.255 any
    20 permit ip any any