Allied Telesis IE340 Series - Page 1980

Allied Telesis IE340 Series

3474 pages

To Next Page

To Next Page

To Previous Page

To Previous Page

Loading...

C613-50631-01 Rev A Command Reference for IE340 Series 1980

AlliedWare Plus™ Operating System - Version 5.5.3-0.x

IPV4 HARDWARE ACCESS CONTROL LIST (ACL) COMMANDS

(NAMED HARDWARE ACL ENTRY FOR IP PACKETS)

Usage notes To use this command, first run the command access-list hardware (named

hardware ACL) and enter the desired access-list name. This changes the prompt to:

awplus(config-ip-hw-acl)#

Then use this command (and the other “named hardware ACL: entry” commands)

to add filter entries. You can add multiple filter entries to an ACL. You can insert a

new filter entry into the middle of an existing list by specifying the appropriate

sequence number. If you do not specify a sequence number, the switch puts the

entry at the end of the ACL and assigns it the next available multiple of 4 as its

sequence number.

Then use the access-group or the match access-group command to apply this ACL

to a port, VLAN or QoS class-map. Note that the ACL will only apply to incoming

data packets.

Examples To add a filter entry to the access-list named “my-list” that will permit any IP packet

with a source address of 192.168.1.1, use the commands:

awplus# configure terminal

awplus(config)# access-list hardware my-list

awplus(config-ip-hw-acl)# permit ip 192.168.1.1/32 any

To add a filter entry to the access-list named “my-list” that will permit any IP packet

with a source address of 192.168.1.1and a MAC source address of ffee.ddcc.bbaa,

use the commands:

awplus# configure terminal

awplus(config)# access-list hardware my-list

awplus(config-ip-hw-acl)# permit ip 192.168.1.1/32 any mac

ffee.ddcc.bbaa 0000.0000.0000 any

To add a filter entry to the access-list named “my-list” that will deny all IP packets

on vlan 2, use the commands:

awplus# enable

awplus(config)# configure terminal

awplus(config)# access-list hardware my-list

awplus(config-ip-hw-acl)# deny ip any any vlan 2

Related

commands

access-group

access-list hardware (named hardware ACL)

match access-group

show running-config

show access-list (IPv4 Hardware ACLs)

Command

changes

Version 5.5.3-0.1: deny-and-not-cpu action parameter added on x230, x550, x930,

x950, SBx908 GEN2 Series switches

Version 5.5.3-0.1: log parameter added on x220, x320, x530, x550, x950, SBx908

GEN2 Series switches

Table of Contents

Command Reference for AlliedWare Plus™ Version 5.5.3-0.x1

Other manuals for Allied Telesis IE340 Series

Installation Guide136 pages

Quick Installation Guide4 pages

Related product manuals

Preview: Allied Telesis IE340-12GP

Allied Telesis IE340-12GP

Allied Telesis IE340-20GP

Preview: Allied Telesis AT-IE200-6GT-80

Allied Telesis AT-IE200-6GT-80

Preview: Rapier i AT-RP16Fi/SC

Rapier i AT-RP16Fi/SC

Preview: Allied Telesis AT-GS950

Allied Telesis AT-GS950

Allied Telesis AT-GS900

Preview: Allied Telesis AT-8012M

Allied Telesis AT-8012M

Preview: Allied Telesis AT-8326GB

Allied Telesis AT-8326GB

Preview: Allied Telesis AT-9000/28

Allied Telesis AT-9000/28

Preview: Allied Telesis x510 Series

Allied Telesis x510 Series

Preview: Allied Telesis GS950 PS Series

Allied Telesis GS950 PS Series

Preview: Allied Telesis GS950 Eco Series

Allied Telesis GS950 Eco Series