Ethernet Switches & Routers

Occasional Contributor
Posts: 11
Registered: ‎01-25-2011

PBR / ACL Question

Hello!  This is my first post, so be gentle....

I currently have a policy-based route applied to one of my virtual interfaces that sets a next hop for all "external" traffic.  I have a simple question regarding the addition of a single host to the ACL list.

Here's the abbreviated ACL list:

access-list 101 deny ip 10.69.169.0 0.0.0.255 10.69.166.0 0.0.0.255
access-list 101 deny ip 10.69.169.0 0.0.0.255 10.69.167.0 0.0.0.255
...blah
...blah
access-list 101 deny ip 10.69.169.0 0.0.0.255 172.17.188.0 0.0.0.255
access-list 101 deny ip 10.69.169.0 0.0.0.255 10.70.169.0 0.0.0.255
access-list 101 permit ip 10.69.169.0 0.0.0.255 any

If I need to add the single host of 10.69.169.25 to the deny list, what's the proper syntax to do so?  I'm assuming it'll trump the last "permit" line also?

Thanks in advance!!

Chris

Occasional Contributor
Posts: 11
Registered: ‎01-25-2011

Re: PBR / ACL Question

This is what I'm thinking:

access-list 101 deny ip host 10.69.169.25 any

Does anyone see any problem with adding this?  Sorry - I know this is a fairly dumb/simple question...  I just want to be extra-confident in whatever I do based on the sensitivity of the area in which I'm working (mistake = site down = no revenue = me in trouble).

Thanks!

Occasional Contributor
Posts: 11
Registered: ‎01-25-2011

Re: PBR / ACL Question

access-list 101 deny ip host 10.69.169.25 any

..worked like a charm.
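
Whether the host entry "trumps" the final permit depends on where it sits in the list. The following is an added example, not part of the thread or of any vendor tool: a small evaluator that assumes first-match, top-down evaluation with wildcard masks (as in Cisco-style extended ACLs) and compares two placements of the host entry, using only the ACL lines visible in the thread. The destination 203.0.113.10 and the names `APPENDED` and `BEFORE_PERMIT` are constructed for illustration.

```python
import ipaddress

def _ip(text):
    return int(ipaddress.IPv4Address(text))

def parse_ace(line):
    """Parse 'access-list N permit|deny ip <src> <dst>' into (action, src, dst)."""
    tok = line.split()
    action, rest, specs = tok[2], tok[4:], []
    while rest:
        if rest[0] == "any":            # matches every address
            specs.append((0, 0xFFFFFFFF)); rest = rest[1:]
        elif rest[0] == "host":         # single address, wildcard 0.0.0.0
            specs.append((_ip(rest[1]), 0)); rest = rest[2:]
        else:                           # <address> <wildcard-mask>
            specs.append((_ip(rest[0]), _ip(rest[1]))); rest = rest[2:]
    return action, specs[0], specs[1]

def matches(spec, ip):
    base, wildcard = spec
    care = ~wildcard & 0xFFFFFFFF       # wildcard bits set to 1 are ignored
    return (_ip(ip) & care) == (base & care)

def evaluate(acl_lines, src, dst):
    """Return (action, entry number) of the first entry matching src -> dst."""
    for n, line in enumerate(acl_lines, 1):
        action, s, d = parse_ace(line)
        if matches(s, src) and matches(d, dst):
            return action, n
    return "deny", None                 # assumption: implicit deny when nothing matches

# The ACL entries visible in the thread (the elided "...blah" lines are not included).
ACL = [
    "access-list 101 deny ip 10.69.169.0 0.0.0.255 10.69.166.0 0.0.0.255",
    "access-list 101 deny ip 10.69.169.0 0.0.0.255 10.69.167.0 0.0.0.255",
    "access-list 101 deny ip 10.69.169.0 0.0.0.255 172.17.188.0 0.0.0.255",
    "access-list 101 deny ip 10.69.169.0 0.0.0.255 10.70.169.0 0.0.0.255",
    "access-list 101 permit ip 10.69.169.0 0.0.0.255 any",
]
HOST_DENY = "access-list 101 deny ip host 10.69.169.25 any"

APPENDED = ACL + [HOST_DENY]                      # host entry after the permit
BEFORE_PERMIT = ACL[:-1] + [HOST_DENY, ACL[-1]]   # host entry ahead of the permit

if __name__ == "__main__":
    for name, acl in (("appended", APPENDED), ("before permit", BEFORE_PERMIT)):
        print(name, evaluate(acl, "10.69.169.25", "203.0.113.10"))
```

On a live device, comparing the per-entry hit counters in the ACL's show output before and after the change confirms which entry the host's traffic is actually matching.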
