Specifications
3-616
Cisco Wide Area Application Services Command Reference
OL-16451-01
Chapter 3 CLI Commands
Extended ACL Configuration Mode Commands
To create and modify extended access lists on a WAAS device for controlling access to interfaces or
applications, use the ip access-list extended global configuration command. To disable an extended
access list, use the no form of this command.
ip access-list extended {acl-name | acl-num}
no ip access-list extended {acl-name | acl-num}
Syntax Description
Defaults An access list drops all packets unless you configure at least one permit entry.
Command Modes global configuration
Device Modes application-accelerator
central-manager
Usage Guidelines Within ACL configuration mode, you can use the editing commands (list, delete, and move) to display
the current condition entries, to delete a specific entry, or to change the order in which the entries will
be evaluated. To return to global configuration mode, enter the exit command at the ACL configuration
mode prompt.
To create an entry, use a deny or permit keyword and specify the type of packets that you want the
WAAS device to drop or to accept for further processing. By default, an access list denies everything
because the list is terminated by an implicit deny any entry. Therefore, you must include at least one
permit entry to create a valid access list.
extended Enables extended ACL configuration mode. The CLI enters the extended
ACL configuration mode in which all subsequent commands apply to the
current extended access list. The (config-ext-nacl) prompt appears:
WAE(config-ext-nacl)#
acl-name Access list to which all commands entered from ACL configuration mode
apply, using an alphanumeric string of up to 30 characters, beginning with
a letter.
acl-num Access list to which all commands entered from access list configuration
mode apply, using a numeric identifier. For extended access lists, valid
values range from 100 to 199.