Extended ACL configuration structure

Individual ACEs in an extended ACL include:
  • A permit/deny statement

  • Source and destination IPv4 addressing

  • Choice of IPv4 criteria, including optional precedence and ToS

  • Optional ACL log command (for deny entries)

  • Optional remark statements

General structure options for an extended ACL

For example, the following figure shows how to interpret the entries in an extended ACL.

Displayed extended ACL configuration