CHAPT ER
15-1
Cisco ASA 5500 Series Configuration Guide using the CLI
15
Adding an Extended Access List
This chapter describes how to configure extended access lists (also known as access control lists), and
it includes the following sections:
Information About Extended Access Lists, page15-1
Licensing Requirements for Extended Access Lists, page15-1
Guidelines and Limitations, page15-1
Default Settings, page15-2
Configuring Extended Access Lists, page15-2
Monitoring Extended Access Lists, page 15-5
Configuration Examples for Extended Access Lists, page15-5
Where to Go Next, page15-7
Feature History for Extended Access Lists, page15-7

Information About Extended Access Lists

Access lists are used to control network access or to specify traffic for many features to act upon. An
extended access list is made up of one or more access control entries (ACE) in which you can specify
the line number to insert the ACE, the source and destination addresses, and, depending upon the ACE
type, the protocol, the ports (for TCP or UDP), or the ICMP type. You can identify all of these parameters
within the access-list command, or you can use objects for each parameter.

Licensing Requirements for Extended Access Lists

The following table shows the licensing requirements for this feature:
Guidelines and Limitations This section includes the guidelines and limitations for this feature.
Context Mode Guidelines
Supported in single and multiple context mode.
Model License Requirement
All models Base License.