Manuals / Cisco Systems / Computer Equipment / Network Router

Cisco Systems SCE 1000 2xGBE manual Order of Entries, permit any deny, deny 10.1.1.0 permit any

Models: SCE 1000 2xGBE OL-7821-04

1 131
Download 131 pages 61.9 Kb
Page 75
Image 75
Order of Entries

Chapter 5 Connecting the Management Interfaces and Performing Initial System Configuration

Initial System Configuration

Order of Entries

The order of the entries in the list is important. The entries in the list are tested sequentially, and the action is determined by the first entry that matches the connecting IP address. Therefore, when the entry “any” appears in an Access Control List, all succeeding entries are irrelevant.

Consider two hypothetical ACLs containing the same entries in a different order. The following list would permit access to all IP addresses, including 10.1.1.0:

permit any deny 10.1.1.0

Note that the above list could not actually be created using the setup utility, since after the “any” entry, no other entries could be added to the list.

The following list will deny access to IP address 10.1.1.0, but permit access to all others:

deny 10.1.1.0 permit any

If no entry in the assigned Access Control List matches the connection, or if the Access Control List is empty, the default action is deny.

To create the access control lists, complete the following steps:

Step 1 Enter the Access Control Lists configuration menu.

Would you like to enter the Access lists configuration menu? [no]: y

Type y and press Enter.

The Access Control Lists configuration dialog begins.

Step 2 You have the option of creating or modifying Access Control Lists, or skipping this section and

proceeding directly to assign the existing ACLs to the desired management interfaces.

Would you like to create new Access lists or modify existing lists? [no]: y

If you choose not to create or edit Access Control Lists, skip to Step 9: Configuring the Topology- Dependent Parameters (on page 5-18).

Step 3 Type the number of the Access Control List to be configured (1 through 99) and press Enter. Note that there is no default for this parameter.

Step 4 Begin adding entries to the selected list.

Indicate whether this entry is permitted access or denied access.

To permit access press Enter.

To deny access type n and press Enter.

Does this entry permit access? [yes]:

Step 5 Type the IP address to be added to this list, and press Enter.

Type “any” and press Enter to include any IP address in the ACL.

Note that there is no default for this parameter.

Enter IP address or the word ‘any’ to denote any IP address:

Cisco SCE 1000 2xGBE Installation and Configuration Guide

 

OL-7821-04

5-13

 

 

 

Page 74 Page 76
Page 75
Image 75
Cisco Systems SCE 1000 2xGBE, OL-7821-04 manual Order of Entries, permit any deny, deny 10.1.1.0 permit any
Page 74 Page 76