Chapter 76: ACL Commands
1284
This example adds a deny access list to ports 4 and 5 to discard all
untagged ingress packets that are ICMP, from the 152.12.45.0 subnet.
The access list is assigned the ID number 3094:
awplus> enable
awplus# configure terminal
awplus(config)# access-list 3094 deny icmp 152.12.45.0/24
any
awplus(config)# interface port1.0.4,port1.0.5
awplus(config_if)# access-group 3094
awplus(config_if)# end
awplus# show access-list
awplus# show interface port1.0.4,port1.0.5 access-group
This example adds a deny access list to port 11 to discard all ingress
packets that are ICMP and that have source and destination addresses
from the 115.201.312.0/24 and 115.201.313.0/24 subnets, respectively.
The ACLs are assigned the ID numbers 3045 and 3046:
awplus> enable
awplus# configure terminal
awplus(config)# access-list 3045 deny icmp 115.201.312.0/24
115.201.313.0/24
awplus(config)# access-list 3046 deny icmp 115.201.312.0/24
115.201.313.0/24
awplus(config)# interface port1.0.11
awplus(config_if)# access-group 3045
awplus(config_if)# access-group 3046
awplus(config_if)# end
awplus# show access-list
awplus# show interface port1.0.11 access-group
This example creates a deny access list that discards all tagged ingress
IGMP packets with a VID of 12, from ports 12 to 20:
awplus> enable
awplus# configure terminal
awplus(config)# access-list 3156 deny icmp any
any vlan 12
awplus(config)# interface port1.0.12-port1.0.20
awplus(config_if)# access-group 3156
awplus(config_if)# end
awplus# show access-list
awplus# show interface port1.0.12-port1.0.20 access-group
To Next Page
Loading...
