Lab 43: ACL Sequence Numbers

Lab Objective:

The objective of this lab exercise is for you to learn and understand how to use ACL sequence numbers to add and remove (edit) a live access list.

Lab Purpose:

With IOS 12.4 onward, Cisco IOS adds sequence numbers to ACL entries, allowing you to add additional lines where you want and remove those no longer necessary.

Certification Level:

This lab is suitable for CCENT certification exam preparation.

Lab Difficulty:

This lab has a difficulty rating of 6/10.

Readiness Assessment:

When you are ready for your certification exam, you should complete this lab in no more than 5 minutes.

Lab Topology:

Please use the following topology to complete this lab exercise:

Lab 43: ACL Sequence Numbers 2

Task 1:

Configure the hostname on router R1 as illustrated in the topology.

Task 2:

Add a standard named ACL with three lines of configuration. Use the relevant show command to display the lines.

Task 3:

Add an entry between entries 10 and 20. Remove line 30. Use the relevant show command to display the lines.

Task 4:

Resequence the ACL numbers to increment in 20s, starting from number 100. Use the relevant show command to display the lines.

Configuration and Verification

Task 1:

For reference information on configuring hostnames, please refer to earlier labs.

Task 2:

R1(config)#ip access-list standard sequence 
R1(config-std-nacl)#permit 172.16.1.1 
R1(config-std-nacl)#permit 172.20.1.1 
R1(config-std-nacl)#permit 192.168.1.1 
R1(config-std-nacl)# 
R1(config-std-nacl)#end 

R1#show ip access-lists 
Standard IP access list sequence 
   30 permit 192.168.1.1 
   20 permit 172.20.1.1 
   10 permit 172.16.1.1

Task 3:

R1(config)# 
R1(config)#ip access-list standard sequence 
R1(config-std-nacl)#15 permit 10.1.1.1 
R1(config-std-nacl)#no 30 
R1(config-std-nacl)#end 
R1#show ip access-lists 
Standard IP access list sequence 
   15 permit 10.1.1.1 
   20 permit 172.20.1.1 
   10 permit 172.16.1.1

R1#show ip access-lists 
Standard IP access list sequence 
   15 permit 10.1.1.1 
   20 permit 172.20.1.1 
   10 permit 172.16.1.1

Task 4:

R1(config)#ip access-list resequence sequence 100 20 
R1(config)#do show ip access-lists 
Standard IP access list sequence 
   100 permit 10.1.1.1
   120 permit 172.20.1.1 
   140 permit 172.16.1.1

 


Related Articles

guest
0 Comments
Inline Feedbacks
View all comments