Noncontiguous Ports on an Access Control Entry

This feature greatly reduces the number of access control entries (ACEs) required in an access control list to handle multiple entries for the same source address, destination address, and protocol.

The following example shows the removal of the redundant access list entries and the creation of a new access list entry that consolidates the previously displayed group of access list entries:

Because the entries are all for the same permit statement and simply show different ports, they can be consolidated into one new access list entry.

Sweet, no more long ACL configurations!
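An added example (not from the original post): a Python check that a run of single-port ACEs can be merged without widening what the ACL permits. The merged entry matches every source-port and destination-port combination, so the run must already list that full cross product. The sample entries are constructed, the parser handles only single-token addresses such as `any`, and the 10-port limit is an assumption to verify for your platform.

```python
import re
from itertools import groupby, product

MAX_PORTS = 10  # assumption: ports allowed after one "eq"; verify for your platform

# Parses only single-port TCP/UDP ACEs with single-token addresses such as "any".
ACE_RE = re.compile(r"^\s*(?:\d+\s+)?(permit|deny)\s+(tcp|udp)\s+(\S+)\s+eq\s+(\S+)"
                    r"\s+(\S+)\s+eq\s+(\S+)\s*$")

def parse(line):
    m = ACE_RE.match(line)
    if not m:
        raise ValueError(f"unsupported ACE syntax: {line!r}")
    action, proto, src, sport, dst, dport = m.groups()
    return (action, proto, src, dst), (sport, dport)

def consolidate(lines, max_ports=MAX_PORTS):
    """Merge adjacent ACEs that differ only in ports, without widening the ACL."""
    out = []
    # Only adjacent entries are grouped, so the relative order of ACEs is kept.
    for (action, proto, src, dst), run in groupby(map(parse, lines), key=lambda p: p[0]):
        pairs = [ports for _, ports in run]
        sports = list(dict.fromkeys(s for s, _ in pairs))  # de-duplicated, in order
        dports = list(dict.fromkeys(d for _, d in pairs))
        # The merged ACE matches every sport x dport pair, so merge only when
        # the run already lists exactly that cross product.
        exact = set(pairs) == set(product(sports, dports))
        if exact and len(sports) <= max_ports and len(dports) <= max_ports:
            out.append(f"{action} {proto} {src} eq {' '.join(sports)} "
                       f"{dst} eq {' '.join(dports)}")
        else:
            out.extend(f"{action} {proto} {src} eq {s} {dst} eq {d}" for s, d in pairs)
    return out

# Constructed sample entries (not copied from the post's screenshots).
SAMPLE = [
    "10 permit tcp any eq telnet any eq 450",
    "20 permit tcp any eq telnet any eq 679",
    "30 permit tcp any eq ftp any eq 450",
    "40 permit tcp any eq ftp any eq 679",
]
# Same list with one mistyped port: merging would also permit telnet->679 and ftp->670.
TYPO = [SAMPLE[0], "20 permit tcp any eq telnet any eq 670"] + SAMPLE[2:]

if __name__ == "__main__":
    print(consolidate(SAMPLE))  # one merged ACE
    print(consolidate(TYPO))    # four entries, left unmerged
```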

A Networker Blog

2 thoughts on “Noncontiguous Ports on an Access Control Entry”

  1. Take a closer look at the first screenshot. You have one of the telnet ACLs set to 670. That isn’t matched in your second ACL.

  2. Thanks Paul. Yep, fat finger there in line 20 of the ACL in the first screenshot (new with my MacBook).

    Line 20 should be read as:

    20 permit tcp any eq telnet any eq 679

    in order to have the same meaning as the output shown in screenshot 2.

    This new feature, for me, is very similar to the distributive function in math. However, that was just an example, because the return TCP traffic is always going to be something higher than 1024 by default, if that is not manipulated of course 🙂
