Numbered ACLs With Subcommands

You've learned that numbered ACLs are configured in global config mode:

R1(config)# access-list 1 deny 192.168.1.1
R1(config)# access-list 1 permit any

You also learned that named ACLs are configured with subcommands in a separate config mode:

R1(config)# ip access-list standard BLOCK_PC1
R1(config-std-nacl)# deny 192.168.1.1
R1(config-std-nacl)# permit any

However, in modern IOS you can also configure numbered ACLs in the exact same way as named ACLs:

R1(config)# ip access-list standard 1
R1(config-std-nacl)# deny 192.168.1.1
R1(config-std-nacl)# permit any

This is just a different way of configuring numbered ACLs. However, in the running-config the ACL will display as if it was configured using the traditional method.

Advantages of named ACL config mode

  • You can easily delete individual entries in the ACL with no <entry-number>

When configuring/editing numbered ACLs from global config mode, you can't delete individual entries. You can only delete the entire ACL!

  • You can insert new entries in between other entries by specifying the sequence number.
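
Both advantages applied to ACL 1 from above, as an added example that is not part of the original notes. The second host 192.168.1.2 is a constructed value, and the sequence numbers 10 and 20 are the IOS defaults (start at 10, increment by 10).

```cisco
! Starting point: ACL 1 as configured above, numbered by IOS defaults:
!   10 deny 192.168.1.1
!   20 permit any
R1(config)# ip access-list standard 1
! Insert a second deny between the existing entries. ACLs are evaluated
! top-down and stop at the first match, so a deny appended without a
! sequence number would become entry 30, after "permit any", and never match.
R1(config-std-nacl)# 15 deny 192.168.1.2
! Delete only the original deny entry, by its sequence number.
R1(config-std-nacl)# no 10
! Verify: entries 15 and 20 should be the only ones left.
R1(config-std-nacl)# do show access-lists 1
! By contrast, from global config mode the following removes all of ACL 1,
! not just the one entry (shown as a comment so it is not run by accident):
!   R1(config)# no access-list 1 deny 192.168.1.1
```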
