Lab Objective:
The objective of this lab exercise is for you to learn and understand how to use ACL sequence numbers to add and remove (edit) a live access list.
Lab Purpose:
With IOS 12.4 onward, Cisco IOS adds sequence numbers to ACL entries, allowing you to add additional lines where you want and remove those no longer necessary.
Certification Level:
This lab is suitable for CCENT certification exam preparation.
Lab Difficulty:
This lab has a difficulty rating of 6/10.
Readiness Assessment:
When you are ready for your certification exam, you should complete this lab in no more than 5 minutes.
Lab Topology:
Please use the following topology to complete this lab exercise:
Task 1:
Configure the hostname on router R1 as illustrated in the topology.
Task 2:
Add a standard named ACL with three lines of configuration. Use the relevant show command to display the lines.
Task 3:
Add an entry between entries 10 and 20. Remove line 30. Use the relevant show command to display the lines.
Task 4:
Resequence the ACL numbers to increment in 20s, starting from number 100. Use the relevant show command to display the lines.
Configuration and Verification
Task 1:
For reference information on configuring hostnames, please refer to earlier labs.
Task 2:
R1(config)#ip access-list standard sequence R1(config-std-nacl)#permit 172.16.1.1 R1(config-std-nacl)#permit 172.20.1.1 R1(config-std-nacl)#permit 192.168.1.1 R1(config-std-nacl)# R1(config-std-nacl)#end R1#show ip access-lists Standard IP access list sequence 30 permit 192.168.1.1 20 permit 172.20.1.1 10 permit 172.16.1.1
Task 3:
R1(config)# R1(config)#ip access-list standard sequence R1(config-std-nacl)#15 permit 10.1.1.1 R1(config-std-nacl)#no 30 R1(config-std-nacl)#end R1#show ip access-lists Standard IP access list sequence 15 permit 10.1.1.1 20 permit 172.20.1.1 10 permit 172.16.1.1 R1#show ip access-lists Standard IP access list sequence 15 permit 10.1.1.1 20 permit 172.20.1.1 10 permit 172.16.1.1
Task 4:
R1(config)#ip access-list resequence sequence 100 20 R1(config)#do show ip access-lists Standard IP access list sequence 100 permit 10.1.1.1 120 permit 172.20.1.1 140 permit 172.16.1.1