Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Route Map using Named ACL

Status
Not open for further replies.

ramizbsd

ISP
Oct 23, 2005
7
Dears All,
I have gateway router 7206vxron which I have two wan links. I want to distribute my traffic using Route-Map with named acl. I followed the document related to named acl

Now problem is, the document says in step 4 and 5 that we can use optional parameter [sequence-number] so that we can edit named acl or place new entry any where in acl based on this [sequence-number]. But In real when tried to implement it on gateway router, I could not. Sequence number had not been accepted.

FLAG-Gate#
FLAG-Gate#conf t
Enter configuration commands, one per line. End with CNTL/Z.

FLAG-Gate(config)#ip access-list extended MyACL
FLAG-Gate(config-ext-nacl)#?
Ext Access List configuration commands:
default Set a command to its defaults
deny Specify packets to reject
dynamic Specify a DYNAMIC list of PERMITs or DENYs
evaluate Evaluate an access list
exit Exit from access-list configuration mode
no Negate a command or set its defaults
permit Specify packets to forward
remark Access list entry comment

FLAG-Gate(config-ext-nacl)#1000 permit ip host 192.168.161.168 any
^
% Invalid input detected at '^' marker.

FLAG-Gate(config-ext-nacl)#

So what would be the reason? Why I could not enter sequence # 1000? Without it command was acceptable.
Waiting for Response

Regards,
 
What version of IOS do you have? Use the 'show version' command to check.

I believe this feature was introduced in IOS 12.3.
 
Dear KiscoKid,

Gateway#
Gateway#show version
Cisco Internetwork Operating System Software
IOS (tm) 7200 Software (C7200-JS-M), Version 12.2(34), RELEASE SOFTWARE (fc1)
Copyright (c) 1986-2006 by cisco Systems, Inc.
Compiled Thu 02-Mar-06 04:32 by pwade
Image text-base: 0x60008940, data-base: 0x6168E000

ROM: System Bootstrap, Version 12.2(4r)B2, RELEASE SOFTWARE (fc2)
BOOTLDR: 7200 Software (C7200-BOOT-M), Version 12.0(13)S, EARLY DEPLOYMENT RELEASE SOFTWARE (fc1)

<Rest of the output I omitted>

Regards
 
Your IOS levels are too low - 12.2(34).
Can you upgrade to 12.3 or 12.4 and see how you go.
 
Dear KiscoKid,
Ok thanks for responding. Tell me if i don't want to upgrade ios and still want to insert an entry in between some other entries. Is it posible?

For Example
First i have acl entries

ip access-list extended Test
permit ip host 192.168.12.5 any
permit ip host 192.168.13.2 any
permit ip 192.168.200.0 0.0.0.255 any
permit ip 172.16.10.0 0.0.0.255 any

now i want to add an acl entry "deny ip host 192.168.200.5 any" in between "permit ip host 192.168.13.2 any" and "permit ip 192.168.200.0 0.0.0.255 any" so that route-map would apply on network 192.168.200.0 except host 192.168.200.5.

How is it possible without sequence number?
Regards


 
It isn't possible , you would have to temp pull the ACL change it in a notepad and paste it back it . Numbered ACL started with 12.2T train or 12.3 mainline , you are at 12.2 mainline so if doesn't numbering capability.
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top