Chapter 68: ACL Commands
1062 Section X: Network Management
MAC ACCESS-GROUP
Syntax
mac access-group
id_number
Parameters
id_number Specifies the ID number of a MAC address access control
list you want to add to a port. The range is 4000 to 4699.
You can add just one ACL to a port at a time with this
command.
Mode
Port Interface mode
Description
Use this command to add MAC address ACLs to ports on the switch. Ports
begin to filter packets as soon as they are assigned ACLs.
Note
If a port is to have both permit and deny ACLs, you must add the
permit ACLs first because ingress packets are compared against the
ACLs in the order in which they are added to a port. If you add the
deny ACLs before the permit ACLs, a port is likely to block traffic you
want it to forward.
Confirmation Command
“SHOW INTERFACE ACCESS-GROUP” on page 1067
Example
This example adds the ACL 4022 to port 15:
awplus> enable
awplus# con
figure terminal
awplus(config)# interface port1.0.15
awplus(config-if)#
mac access-group 4022
awplus(config-if)# end
awplus#
show interface port1.0.15 access-group
To Next Page
Loading...
