Options
Help with ACL please
han.net
Member Posts: 65 ■■□□□□□□□□
in CCNA & CCENT
HI guys,
I have a small issue creating a standard named ACL on layer 3 switch, to apply it secure Telnet sesions.
On the Conf t mode ,
I created the ACL giving it the name of TELNET_ACCESS_CONTROL
and then putting the lines as I need according to a specific order .
The issue that I had , was , after I finished creating the ACL , and use the show commands to view the ACL by either show running config or shoe ACL , I get the lines of that ACL not in order at all , like
20 permit ........
40 permit .........
10 permit.......
100 permit .......
I need to know why that was happening and how to fix it please as line order is important as you know .
Many thanks
Hani
I have a small issue creating a standard named ACL on layer 3 switch, to apply it secure Telnet sesions.
On the Conf t mode ,
I created the ACL giving it the name of TELNET_ACCESS_CONTROL
and then putting the lines as I need according to a specific order .
The issue that I had , was , after I finished creating the ACL , and use the show commands to view the ACL by either show running config or shoe ACL , I get the lines of that ACL not in order at all , like
20 permit ........
40 permit .........
10 permit.......
100 permit .......
I need to know why that was happening and how to fix it please as line order is important as you know .
Many thanks
Hani
Comments
-
Options
blackninja
Member Posts: 385
Try:
ip access-list resequence TELNET_ACCESS_CONTROL 10 10Currently studying:
CCIE R&S - using INE workbooks & videos
Currently reading:
Everything. Twice
-
Optionshan.net
Member Posts: 65 ■■□□□□□□□□
Dear friend ,
That was very kind and it worked .
Many thanks -
Optionshan.net
Member Posts: 65 ■■□□□□□□□□
One last thing please , when I add a remark as a line , I donr see it when show access-list
Any advice
Regards -
Optionsblackninja
Member Posts: 385
One last thing please , when I add a remark as a line , I donr see it when show access-list
Any advice
Regards
I'm almost sure that remark is just for numbered ACLs and not for named?
Can't test as I'm at work.Currently studying:
CCIE R&S - using INE workbooks & videos
Currently reading:
Everything. Twice -
Optionshan.net
Member Posts: 65 ■■□□□□□□□□
I understand , but take a look at this
(config)#ip access-list standard hani
(config-std-nacl)#re
(config-std-nacl)#r?
remark
That was on Global mode -
Optionsblackninja
Member Posts: 385
Yes, I see.
Some of the guys here will know for certain.
Otherwise I'll test when I get home in 2 1/2 hours.Currently studying:
CCIE R&S - using INE workbooks & videos
Currently reading:
Everything. Twice -
Optionshan.net
Member Posts: 65 ■■□□□□□□□□
thats great!! , and also is there any platform to try some network config better than Packet tracer ??
Regards -
Optionsblackninja
Member Posts: 385
Packet tracer is pretty good for CCNA level configs.
Look into GNS3 can create a simple lab to a full blown CCIE lab.
GNS3 only works for routers, not switches. You can however create using a 3660 and an 16 port network module.
Gns3 is great once you get past the learning phase.
Check out: http://www.techexams.net/forums/ccna-ccent/51378-network-lab-using-gns3-vmware-workbook.htmlCurrently studying:
CCIE R&S - using INE workbooks & videos
Currently reading:
Everything. Twice -
Optionshan.net
Member Posts: 65 ■■□□□□□□□□
I passed my CCNA exam few months a go and currently workin in a jounior position.
We deal mostly with layer 3 switches
Thank s -
Optionsblackninja
Member Posts: 385
I understand , but take a look at this
(config)#ip access-list standard hani
(config-std-nacl)#re
(config-std-nacl)#r?
remark
That was on Global mode
You're right remarks don't show up in Show ip access-lists.
They do show up in sh runCurrently studying:
CCIE R&S - using INE workbooks & videos
Currently reading:
Everything. Twice
