
Numbered Extended Access Control Lists

The process for defining an extended access control list:

access-list 2100 permit ip 192.168.1.0 0.0.0.255 192.168.2.0 0.0.0.255

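The above configuration permits all IP traffic from 192.168.1.0/24 to 192.168.2.0/24. The wildcard mask 0.0.0.255 means the first three octets must match exactly and the last octet is ignored.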

An extended numbered access list can have a number from 100 to 199 or from 2300 to 2699.

Extended access control lists offer some additional flexibility: greater than, equal to, and less than operators are available for matching port numbers.

access-list 2200 permit tcp any host 192.168.1.10 eq 22

The above line permits traffic from any source to host 192.168.1.10 on TCP port 22.
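
To check what the two lines above actually match, here is a small evaluator, added as an example and not part of the original post or any Cisco tool. It parses the two entries, applies wildcard-mask matching and the eq/gt/lt port operators, and falls through to the implicit deny that ends every ACL. The function names are made up for this example, and only a destination-port operator is handled.

```python
import ipaddress
import operator

# The two ACL lines shown on this page.
ACL_TEXT = """\
access-list 2100 permit ip 192.168.1.0 0.0.0.255 192.168.2.0 0.0.0.255
access-list 2200 permit tcp any host 192.168.1.10 eq 22
"""
PORT_OPS = {"eq": operator.eq, "gt": operator.gt, "lt": operator.lt}

def to_int(addr):
    return int(ipaddress.IPv4Address(addr))

def take_addr(tok):
    """Consume 'any', 'host A' or 'A WILDCARD'; return (base, wildcard) as ints."""
    first = tok.pop(0)
    if first == "any":
        return 0, 0xFFFFFFFF          # every bit is "don't care"
    if first == "host":
        return to_int(tok.pop(0)), 0  # every bit must match
    return to_int(first), to_int(tok.pop(0))

def parse(text):
    """Return {acl_number: [entries in configured order]}."""
    acls = {}
    for line in text.splitlines():
        tok = line.split()
        if tok[:1] != ["access-list"]:
            continue
        number, action, proto, rest = int(tok[1]), tok[2], tok[3], tok[4:]
        src, dst = take_addr(rest), take_addr(rest)
        # Simplification: only a destination-port operator is handled.
        port = (rest[0], int(rest[1])) if rest else None
        acls.setdefault(number, []).append((action, proto, src, dst, port))
    return acls

def addr_matches(ip, spec):
    base, wild = spec
    care = ~wild & 0xFFFFFFFF         # wildcard 1-bits are ignored
    return (to_int(ip) & care) == (base & care)

def evaluate(acls, number, proto, src, dst, dport=None):
    """First matching entry decides; no match falls to the implicit deny."""
    for action, p, s, d, port in acls.get(number, []):
        if p not in ("ip", proto):    # 'ip' covers every IP protocol
            continue
        if not (addr_matches(src, s) and addr_matches(dst, d)):
            continue
        if port and (dport is None or not PORT_OPS[port[0]](dport, port[1])):
            continue
        return action
    return "deny"
```

Calling evaluate(parse(ACL_TEXT), 2200, "tcp", "10.9.8.7", "192.168.1.10", 23) returns "deny": the packet misses the only entry in list 2200 and hits the implicit deny, which is the behaviour to keep in mind when an ACL contains only permit lines.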
