Home |
Access Control Lists Overview |
10 Things to know about ACLs
Anatomy of ACLs |
ACL Tutorial with Q&A |
Demystifying ACLs |
ACL Wildcards
ACL PowerPoint 1 |
ACL PowerPoint 2 |
Cisco ACL paper
Adding Remarks to Access Lists
Important Tip: Don't forget to use remark statements in
your ACLs. They'll come in handy when you have to troubleshoot something
later - like a year from now.
You can include remarks about entries in any access list, including extended, EtherType, IPv6, standard, and Webtype access lists.
The remarks make the access list easier to understand.
To add a remark after the last access-list command you entered, enter the following command:
| Command | Purpose |
access-list access_list_name or number remark - text Example:
hostname(config)# access-list OUT remark - |
Adds a remark after the last access-list command you entered. The text can be up to 100 characters in length. You can enter leading spaces at the beginning of the text. Trailing spaces are ignored. If you enter the remark before any access-list command, then the remark is the first line in the access list. If you delete an access list using the no access-list access_list_name command, then all the remarks are also removed. |
Another Example:
You can add a remark before each Access Control Entry (ACE), and the remarks appear in the access lists in these locations.
Entering a dash (-) at the beginning of a remark helps to set it apart from an ACE.
hostname(config)# access-list OUT remark - this is the inside admin address
hostname(config)# access-list OUT extended permit ip host 209.168.200.3 any
hostname(config)# access-list OUT remark - this is the hr admin address
hostname(config)# access-list OUT extended permit ip host 209.168.200.4 any