Page 20
Not approved by Document Control. For review only.
Allied Telesis
Command Line Interface User’s Guide
The following user guidelines are relevant to GE devices only:
• Before an Access Control Element (ACE) is added to an ACL, all packets are permitted. After an ACE is
added, an implied deny-any-any condition exists at the end of the list and those packets that do not match
the conditions defined in the permit statement are denied.
• If the VLAN ID is specified, the policy map cannot be connected to the VLAN interface.
Example
The following example shows how to create a MAC ACL with deny rules.
service-acl
The service-acl Interface Configuration mode command controls access to an interface. Use the no form of this
command to remove the access control.
Syntax
service-acl input acl-name
no service-acl input
Parameters
•
input — Applies the specified ACL to the input interface.
Default Configuration
This command has no default configuration.
Command Mode
Interface Configuration (Ethernet, Port-Channel) mode
User Guidelines
In advanced mode, when an ACL is bound to an interface, the port trust mode is set to trust 12-13 and not to 12.
Example
The following example, binds (services) an ACL to Ethernet interface g2.
show access-lists
The show access-lists Privileged EXEC mode command displays Access Control Lists (ACLs) configured on the
switch.
Syntax
show access-lists [name]
Console(config)#
mac access-list
macl1
Console (config-mac-acl)#
deny
6:6:6:6:6:6:0:0:0:0:0:0
any
Console(config)#
interface ethernet
g2
Console(config-if)#
service-acl input
macl1
To Next Page
Loading...
Need help?
General
