Name
ip access-list — global
Synopsis
ip access-list {standard | extended} name
Configures
Named access lists
Default
None
Description
This command allows you to create a named access list. A named access
list is really no different from a numbered access list as defined by
the access-list
command, except that it is
identified by a logical name. A named access list may be either
standard
or extended
. This
command is followed by permit
and
deny
commands that specify the access-list rules.
For more about access lists, see Chapter 7 and the
discussion of the access-list
command.
Example
The following commands define a named access list that allows HTTP traffic from any host to the server at 10.1.2.3 and permits all other TCP traffic that has the SYN flag set. Remember that all access lists end with an implicit deny, which rejects all traffic not permitted by a statement in the access list.
ip access-list extended bogus-firewall permit tcp any host 10.1.2.3 eq http permit tcp any any established
Get CISCO IOS in a Nutshell now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.