Matching Logic and Command Syntax

Standard numbered IP ACLs use the following global command:

access-list {1-99 | 1300-1999} {permit | deny} matching-parameters

Each standard numbered ACL has one or more access-list commands with the same number, any number from the ranges shown in the preceding line of syntax. (One number is no better than the other.)

Besides the ACL number, each access-list command also lists the action (permit or deny), plus the matching logic. The rest of this section examines how to configure the matching parameters, which for standard ACLs, means that you can only match the source IP address, or portions of the source IP address using something called an ACL wildcard mask.

Matching the Exact ...

Get CCENT/CCNA ICND1 100-101 Official Cert Guide now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.