CCNA And CCENT ACL Tutorial: Using Remarks In Access Lists
We’re wrapping up this full CCNA Access List course with some remarks about remarks — to be more specific, the remark command.
It can be a bit frustrating when you notice a new ACL on a router, and you’re not quite sure who put it there or if it should still be there. Same goes for examining a 57-line ACL that refers to some uncommon port numbers. Whether it’s for your own reference or someone else’s, it’s a great idea to use the remark feature to briefly explain the purpose of an ACL.
That’s where remarks come in. You can add them as you write an ACL…
R1(config)#access-list 50 permit host 10.1.1.1
R1(config)#access-list 50 deny any
R1(config)#access-list 50 remark Used Nov 2 2018 to identify host.
… or add them via editing. You’ll see a dollar sign in the second line here since the remark I put in was longer than the display width I had on this particular Cisco router. You’ll see the full remark when we verify the remark.
R1(config)#ip access-list standard 51
R1(config-std-nacl)#$ on Nov 2 2018 to identify security testing host.
Remarks do not appear in the output of show ip access-list, show access-list, or show ip interface, but will appear in the running configuration (and the startup config once saved).
R1#show running-config
Building configuration...
(editing config to show only ACLs 50 and 51)
access-list 50 permit 10.1.1.1
access-list 50 remark Used Nov 2 2018 to identify host.
access-list 51 deny 10.1.1.1
access-list 51 permit any
access-list 51 remark Used on Nov 2 2018 to identify security testing host.
The remark command is simple and powerful. Be ready to use it on your exams and on your network.
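Since remarks are visible only in the configuration itself, a saved copy of the running config is the place to check which ACLs are still undocumented. The script below is an added example, not part of the original lesson: it reads configuration text and lists every ACL that has no remark. The sample config is constructed, and ACL 60 and the named ACL MGMT-IN are hypothetical additions used to show the missing-remark and named-ACL cases.

```python
import re

# Constructed sample: ACLs 50 and 51 as shown on the page, plus two
# hypothetical ACLs (60 and MGMT-IN) for the missing-remark and named cases.
SAMPLE_CONFIG = """\
access-list 50 permit 10.1.1.1
access-list 50 remark Used Nov 2 2018 to identify host.
access-list 51 deny   10.1.1.1
access-list 51 permit any
access-list 51 remark Used on Nov 2 2018 to identify security testing host.
access-list 60 permit 192.0.2.0 0.0.0.255
ip access-list extended MGMT-IN
 remark Allow SSH from the admin subnet.
 permit tcp 198.51.100.0 0.0.0.255 any eq 22
"""

NUMBERED = re.compile(r"^access-list\s+(\S+)\s+(.*)$")
NAMED = re.compile(r"^ip access-list\s+(?:standard|extended)\s+(\S+)\s*$")

def collect_acls(config_text):
    """Return {acl_id: {"entries": int, "remarks": [str, ...]}}."""
    acls, named = {}, None          # named = ACL whose sub-mode block we are in
    for line in config_text.splitlines():
        if m := NUMBERED.match(line):
            named, (acl_id, body) = None, m.groups()
        elif m := NAMED.match(line):
            named = m.group(1)
            acls.setdefault(named, {"entries": 0, "remarks": []})
            continue
        elif named and line.startswith(" "):
            acl_id, body = named, line.strip()
        else:
            named = None            # any other top-level line ends the block
            continue
        acl = acls.setdefault(acl_id, {"entries": 0, "remarks": []})
        if body.startswith("remark "):
            acl["remarks"].append(body[len("remark "):])
        else:
            acl["entries"] += 1
    return acls

def undocumented(config_text):
    """Identifiers of ACLs that have no remark line at all."""
    return sorted(a for a, v in collect_acls(config_text).items() if not v["remarks"])

if __name__ == "__main__":
    for acl_id, info in collect_acls(SAMPLE_CONFIG).items():
        print(acl_id, f"{info['entries']} entries,", info["remarks"] or "NO REMARK")
    print("Missing remarks:", undocumented(SAMPLE_CONFIG))
```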
This concludes this free CCNA / CCENT Access List course. To access every lesson in the course, head over to my CCNA Tutorials Page. You’ll find a full and free course on EIGRP there as well. Dig in!
Comments, questions, and very mild criticisms always welcome!