Creates an IP Access Control List (ACL). ACLs contain rules that permit or deny traffic based on packet fields belonging to the IPv4 family of protocols.
all or egressConfig mode
Command-line mode changes from (config) to (config-ip-acl) after new IP ACL is created.
The following reserved keywords cannot be used as name identifiers: all, ingress-group, egress, egress-group, match, list, access-list, route-map, and listener-policy.| Message | Reason |
|---|---|
| Error: ipv4-acl name identifier cannot exceed 64 characters. | ACL name is longer than 64 characters. |
| Error: ipv4-acl name identifier must start with an alphabetic character or an underscore | ACL name begins with non-alphabetic character or does not begin with an underscore. |
| Error: ipv4-acl name identifier must be an arbitrary sequence of alphabets, numerals, underscores, hyphens, or dots. | ACL name contains invalid characters. |
| Error: ipv4-acl name identifier must not be reserved keyword "access-list". | ACL name includes the reserved word access-list |
The following example creates an ACL named P4. On successful creation the mode changes to config-ip-acl.
device# configure terminal device(config)# ip access-list P4 device(config-ip-acl)# device# show running-config ip access-list P4 ip access-list P4 device# show running-config ip access-list all ip access-list P4
The following example deletes the ACL named P4.
device# configure terminal device(config)# no ip access-list P4