Using Sequence Numbers in Named ACLs

Router(config)#ip access-list extended serveraccess2

Creates an extended named ACL called serveraccess2

Router(config-ext-nacl)#10 permit tcp any host eq smtp

Uses a sequence number of 10 for this line

Router(config-ext-nacl)#20 permit udp any host eq domain

Sequence number of 20 will be applied after line 10

Router(config-ext-nacl)#30 deny ip any any log

Sequence number 30 will be applied after 20



Router(config)#int fa 0/0


Router(config-if)#ip access-group serveraccess2 out

Applies this ACL to the FastEthernet Interface 0/0 in an outbound direction



Router(config)#ip access-list extended serveraccess2


Router(config-ext-nacl)#25 permit tcp any host eq ftp

Sequence number of 25 places this line after line 20 and before line 30




Sequence numbers are used to allow for easier editing of your ACLs. The preceding example used numbers 10, 20, and 30 in the ACL lines. If I needed to add another line to this ACL, it would have previously been added after the last line, my line 30. If I needed a line to go closer to the top, I would have had to remove the entire ACL and then reapply it with the lines in the correct order. Now I can enter a new line with a sequence number, placing it in the correct location.


The sequence-number argument was added in IOS version 12.2(14)S. It was integrated into Cisco IOS Software Release 12.2(15)T.
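
A small Python model of the behaviour described above, added here as an illustration and not taken from the book or from Cisco IOS: entries are kept in sequence-number order and the first match wins, so the FTP line at 25 is evaluated before the deny at 30, while the same line added without a sequence number lands after the deny and never matches. The `NamedAcl` class, the `build` helper, the increment of 10 for unnumbered lines and the server address 192.0.2.10 (the commands on this page omit the host address) are assumptions made for the example.

```python
import bisect

SERVER = "192.0.2.10"  # constructed placeholder; the page's commands omit the host address


class NamedAcl:
    """Toy model of an extended named ACL: ordered by sequence number, first match wins."""

    def __init__(self, name, step=10):
        self.name, self.step = name, step
        self.entries = []  # tuples of (seq, action, proto, dst, port)

    def add(self, action, proto, dst="any", port=None, seq=None):
        if seq is None:  # no sequence number: the entry goes after the last line
            seq = (self.entries[-1][0] if self.entries else 0) + self.step
        if any(e[0] == seq for e in self.entries):
            raise ValueError(f"sequence number {seq} already in use")
        bisect.insort(self.entries, (seq, action, proto, dst, port))
        return seq

    def evaluate(self, proto, dst, port):
        """Return (sequence number, action) of the first matching entry."""
        for seq, action, e_proto, e_dst, e_port in self.entries:
            if (e_proto in ("ip", proto) and e_dst in ("any", dst)
                    and e_port in (None, port)):
                return seq, action
        return None, "deny"  # implicit deny at the end of the ACL


def build(use_sequence_number):
    """Rebuild serveraccess2 from the page, then add the FTP line either way."""
    acl = NamedAcl("serveraccess2")
    acl.add("permit", "tcp", SERVER, 25, seq=10)   # eq smtp
    acl.add("permit", "udp", SERVER, 53, seq=20)   # eq domain
    acl.add("deny", "ip", seq=30)                  # deny ip any any log
    acl.add("permit", "tcp", SERVER, 21,           # eq ftp
            seq=25 if use_sequence_number else None)
    return acl


if __name__ == "__main__":
    for flag in (True, False):
        acl = build(flag)
        print([e[0] for e in acl.entries], acl.evaluate("tcp", SERVER, 21))
```
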

CCNA Self-Study(c) CCNA Portable Command Guide
CCNA Portable Command Guide
ISBN: 1587201585
EAN: 2147483647
Year: 2006
Pages: 261
Authors: Scott Empson
