You can use the remark keyword to include comments (remarks) about entries in any IP standard or extended ACL. The remarks make the ACL easier for you to understand and scan. Each remark line is limited to 100 characters.

The remark can go before or after a permit or deny statement. You should be consistent about where you put the remark so that it is clear which remark describes which permit or deny statement. For example, it would be confusing to have some remarks before the associated permit or deny statements and some remarks after the statements.

To include a comment for IPv4 numbered standard or extended ACLs, use the access-list access-list_number remark remark global configuration command. To remove the remark, use the no form of this command.

In the first example, the numbered ACL denies the 192.168.10.10 guest workstation from exiting S0/0/0 but permits all other devices from 192.168.0.0/16.

For an entry in a named standard or extended ACL, use the remark access-list configuration command. To remove the remark, use the no form of this command. Example 2 shows a standard named ACL. In this example, the remark statements indicate that the lab workstation with the host address 192.168.11.10 is denied but devices from all other networks are permitted.