Adding remarks to access lists, Monitoring extended access lists, Configuration examples for extended access lists – Cisco ASA 5505 User Manual

Page 391

Advertising
background image

15-5

Cisco ASA 5500 Series Configuration Guide using the CLI

Chapter 15 Adding an Extended Access List

Monitoring Extended Access Lists

Adding Remarks to Access Lists

You can include remarks about entries in any access list, including extended, EtherType, IPv6, standard,
and Webtype access lists. The remarks make the access list easier to understand.

To add a remark after the last access-list command you entered, enter the following command:

Example

You can add remarks before each ACE, and the remark appears in the access list in this location. Entering
a dash (-) at the beginning of the remark helps set it apart from the ACEs.

hostname(config)# access-list OUT remark - this is the inside admin address

hostname(config)# access-list OUT extended permit ip host 209.168.200.3 any

hostname(config)# access-list OUT remark - this is the hr admin address

hostname(config)# access-list OUT extended permit ip host 209.168.200.4 any

Monitoring Extended Access Lists

To monitor extended access lists, enter one of the following commands:

Configuration Examples for Extended Access Lists

This section includes the following topics:

Configuration Examples for Extended Access Lists (No Objects), page 15-6

Configuration Examples for Extended Access Lists (Using Objects), page 15-6

Command

Purpose

access-list

access_list_name remark text

Example:

hostname(config)# access-list OUT remark -

this is the inside admin address

Adds a remark after the last access-list command you entered.

The text can be up to 100 characters in length. You can enter leading spaces
at the beginning of the text. Trailing spaces are ignored.

If you enter the remark before any access-list command, then the remark
is the first line in the access list.

If you delete an access list using the no access-list access_list_name
command, then all the remarks are also removed.

Command

Purpose

show access list

Displays the access list entries by number.

show running-config access-list

Displays the current running access-list
configuration.

Advertising
This manual is related to the following products:

ASA 5585-X, ASA 5555-X, ASA 5545-X, ASA 5525-X, ASA 5515-X, ASA 5512-X, ASA 5580, ASA 5550, ASA 5540, ASA 5520, ASA 5510, ASA 5500 Series

Popular Brands
Popular manuals