4 Replies. Latest reply: Apr 7, 2012 7:06 PM by Paul Stewart - CCIE Security

    Extended ACLs

    Sampath Weerasinghe - CCIE

      Hi, I'm looking for good documentation or a description of extended ACLs, specifically
      the following aspects:

      If I deny tcp any any
      then permit ip any any,
      what happens to UDP traffic? Denied or permitted?

      How about if I create a new extended ACL, then permit pim any any? What happens to
      the other protocols like ip, tcp, igmp, ...? Are they implicitly denied?


      R5(config)#access-list 101 permit ?
        <0-255>  An IP protocol number
        ahp      Authentication Header Protocol
        eigrp    Cisco's EIGRP routing protocol
        esp      Encapsulation Security Payload
        gre      Cisco's GRE tunneling
        icmp     Internet Control Message Protocol
        igmp     Internet Gateway Message Protocol
        ip       Any Internet Protocol
        ipinip   IP in IP tunneling
        nos      KA9Q NOS compatible IP over IP tunneling
        ospf     OSPF routing protocol
        pcp      Payload Compression Protocol
        pim      Protocol Independent Multicast
        tcp      Transmission Control Protocol
        udp      User Datagram Protocol
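
The two cases asked about above, worked through as an added example that is not part of the original post and is not IOS code. It models only the protocol field of entries written as "any any"; the ACL numbers 102 and 103, the function names and the sample entries are constructed for illustration. An extended ACL is read top-down, the first matching entry decides, the "ip" keyword matches every IP protocol, and a packet that matches no entry hits the implicit deny at the end of the list.

```python
# Added illustration, not IOS code: models only the protocol field of an ACE.
# IANA protocol numbers for the keywords in the CLI help above.
PROTO = {
    "ahp": 51, "eigrp": 88, "esp": 50, "gre": 47, "icmp": 1, "igmp": 2,
    "ipinip": 4, "nos": 94, "ospf": 89, "pcp": 108, "pim": 103,
    "tcp": 6, "udp": 17,
}

# Constructed sample ACLs mirroring the two cases in the question.
ACL_101 = [
    "access-list 101 deny tcp any any",
    "access-list 101 permit ip any any",
]
ACL_102 = ["access-list 102 permit pim any any"]


def parse_ace(line):
    """Return (action, proto); proto is None for 'ip', which matches all."""
    tok = line.lower().split()
    if len(tok) != 6 or tok[0] != "access-list" or tok[4:] != ["any", "any"]:
        raise ValueError(f"unsupported entry for this model: {line!r}")
    action, word = tok[2], tok[3]
    if action not in ("permit", "deny"):
        raise ValueError(f"unknown action: {action!r}")
    if word == "ip":
        return action, None
    if word.isdigit() and int(word) <= 255:
        return action, int(word)
    if word in PROTO:
        return action, PROTO[word]
    raise ValueError(f"unknown protocol: {word!r}")


def evaluate(acl, packet_proto):
    """Return (action, matching entry) for a protocol keyword or number."""
    number = PROTO.get(packet_proto, packet_proto)
    for line in acl:
        action, proto = parse_ace(line)
        if proto is None or proto == number:
            return action, line        # first match wins; later entries unused
    return "deny", "implicit deny"     # no entry matched: deny at end of list


if __name__ == "__main__":
    for acl in (ACL_101, ACL_102):
        for proto in ("tcp", "udp", "pim", "igmp"):
            print(acl[0].split()[1], proto, *evaluate(acl, proto))
```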