Command Reference Guide Global Configuration Mode Command Set
61200510L1-35E Copyright © 2005 ADTRAN 398
ip access-list standard <listname> [permit | deny] <ip address>
Use the ip access-list standard command to create an empty access list and enter the standard access-list.
Use the no form of this command to delete an access list and all the entries contained in it.
The following lists the complete syntax for the ip access-list standard commands:
ip access-list standard <listname> [permit | deny] any [permit | deny] host <ip addres s>
[permit | deny] <ip address> <wildcard>
Syntax Description
<listname>
Identifies the configured access list using an alphanumeric descriptor. All access list
descriptors are case-sensitive.
[permit | de n y]
Permits or denies entry to the routing system for specified packets.
<ip address> Specifies the source IP address used for packet matching.
IP addresses can be ex pr es se d in on e of thre e wa ys:
1. Using the keyword any to match any IP address. For exampl e, ente rin g deny
any will ef fectively shut down the interface that uses the access list because all
traffic will match the any keyword.
2. Using the host <A.B.C.D> to specify a single host address. For example,
entering permit host 196.173.22.253 will allow all traffic from the host with an
IP address of 196.173.2 2.253.
3. Using the <A.B.C.D> <wildcard> format to match all IP addresses in a “r ange.”
Wildcard masks work in reverse logic from subnet mask. Specifying a one in
the wildcard mask equates to a “don’t care.” For example, entering permit
192.168.0.0 0.0.0.255 will permit all traffic from the 192.168.0.0/24 network.
Default Values
By default, all AOS
security features are disabled and there are no configured access lists.
Applicable Platforms
This command applies to the NetVanta 300, 1000, 1000R, 2000, 3000, 4000, and 5000 and
Total Access 9000 Series units.
Command History
Release 2.1 Command was introduced.