Cisco Systems 78-11741-02 manual Creating Standard and Extended Access Lists Using Names, IPC-91

Configuring IP Services

Filtering IP Packets Using Access Lists

Note In a standard access list, if you omit the mask from an associated IP host address access list specification, 0.0.0.0 is assumed to be the mask.

Note Autonomous switching is not used when you have extended access lists.

After creating an access list, you must apply it to a line or interface, as shown in the section “Applying Access Lists” later in this chapter. See the “Implicit Masks in Access Lists Examples” section at the end of this chapter for examples of implicit masks.

Creating Standard and Extended Access Lists Using Names

You can identify IP access lists with an alphanumeric string (a name) rather than a number. Named access lists allow you to configure more IP access lists in a router than if you were to use numbered access lists. If you identify your access list with a name rather than a number, the mode and command syntax are slightly different. Currently, only packet and route filters can use a named list.

Consider the following guidelines before configuring named access lists:

•Access lists specified by name are not compatible with Cisco IOS Releases prior to 11.2.

•Not all access lists that accept a number will accept a name. Access lists for packet filters and route filters on interfaces can use a name.

•A standard access list and an extended access list cannot have the same name.

•Numbered access lists are also available, as described in the previous section, “Creating Standard and Extended Access Lists Using Numbers.”

Note Named access lists will not be recognized by any software release prior to Cisco IOS Release 11.2.

To create a standard access list, use the following commands beginning in global configuration mode:

1. This example configures the remark before the deny or permit statement. The remark can be configured after the deny or permit statement.

Cisco IOS IP Configuration Guide

IPC-91