Cisco Catalyst 2960 Series

SUMMARY STEPS

1. enable
2. configure terminal
3. ip access-list extended access-list-name
4. [sequence-number] permit tcp source source-wildcard [operator port [port]] destination destination-wildcard [operator [port]] [established {match-any | match-all} {+ | -} flag-name] [precedence precedence] [tos tos] [log] [time-range time-range-name] [fragments]
5. [sequence-number] deny tcp source source-wildcard [operator port [port]] destination destination-wildcard [operator [port]] [established {match-any | match-all} {+ | -} flag-name] [precedence precedence] [tos tos] [log] [time-range time-range-name] [fragments]
6. Repeat Step 4 or Step 5 as necessary, adding statements by sequence number where you planned. Use the no sequence-number command to delete an entry.
7. end
8. show ip access-lists access-list-name
DETAILED STEPS

Step 1
Command or Action: enable
Example:
Device> enable
Purpose: Enables privileged EXEC mode.
Enter your password if prompted.

Step 2
Command or Action: configure terminal
Example:
Device# configure terminal
Purpose: Enters global configuration mode.

Step 3
Command or Action: ip access-list extended access-list-name
Example:
Device(config)# ip access-list extended acl-extd-1
Purpose: Specifies the IP access list by name and enters named access list configuration mode.

Step 4
Command or Action: [sequence-number] permit tcp source source-wildcard [operator port [port]] destination destination-wildcard [operator [port]] [established {match-any | match-all} {+ | -} flag-name] [precedence precedence] [tos tos] [log] [time-range time-range-name] [fragments]
Example:
Device(config-ext-nacl)# permit tcp any eq telnet ftp any eq 450 679
Purpose: Specifies a permit statement in named IP access list configuration mode.
Operators include lt (less than), gt (greater than), eq (equal), neq (not equal), and range (inclusive range).
If the operator is positioned after the source and source-wildcard arguments, it must match the source port.
If the operator is positioned after the destination and destination-wildcard arguments, it must match the destination port.
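
The operator-position rule in Step 4, as an added example that is not part of the Cisco guide: a small Python parser that splits a permit/deny tcp entry into its source-port and destination-port matches, so an ACL can be reviewed for entries that filter the wrong side. The function names, the `host` and address/wildcard forms, and the second sample entry are assumptions added here; the first sample entry is the guide's own.

```python
import re

OPERATORS = {"lt", "gt", "eq", "neq", "range"}  # operators listed in Step 4
# Option keywords from the guide's syntax line; any of them ends a port list.
OPTIONS = {"established", "match-any", "match-all", "precedence",
           "tos", "log", "time-range", "fragments"}
DOTTED = re.compile(r"^\d{1,3}(\.\d{1,3}){3}$")
FIXED_COUNT = {"lt": 1, "gt": 1, "range": 2}    # eq/neq may list several ports
GUIDE_EXAMPLE = "permit tcp any eq telnet ftp any eq 450 679"  # from Step 4
CONSTRUCTED = "20 deny tcp 10.1.1.0 0.0.0.255 host 10.2.2.2 range 20 21 log"


def _address(tok, i):
    """Consume 'any', 'host A.B.C.D' or 'A.B.C.D wildcard' (assumed forms)."""
    head = tok[i:i + 2]
    if head[:1] == ["any"]:
        return "any", i + 1
    if len(head) == 2 and (head[0] == "host" or DOTTED.match(head[0])) \
            and DOTTED.match(head[1]):
        return " ".join(head), i + 2
    raise ValueError("expected an address at token %d" % i)


def _ports(tok, i):
    """Consume an optional 'operator port [port ...]' group at tok[i]."""
    if i >= len(tok) or tok[i] not in OPERATORS:
        return None, i
    op, i = tok[i], i + 1
    ports = []
    while (i < len(tok) and tok[i] not in OPTIONS
           and tok[i] not in ("any", "host") and not DOTTED.match(tok[i])):
        ports.append(tok[i])
        i += 1
    if not ports or len(ports) != FIXED_COUNT.get(op, len(ports)):
        raise ValueError("bad port list for %r: %r" % (op, ports))
    return (op, ports), i


def parse_tcp_entry(line):
    """Split one named-ACL TCP entry into its source and destination matches."""
    tok = line.split()
    seq = int(tok.pop(0)) if tok and tok[0].isdigit() else None
    if tok[:2] not in (["permit", "tcp"], ["deny", "tcp"]):
        raise ValueError("not a permit/deny tcp entry")
    src, i = _address(tok, 2)
    src_ports, i = _ports(tok, i)   # operator after source -> source port
    dst, i = _address(tok, i)
    dst_ports, i = _ports(tok, i)   # operator after destination -> dest. port
    return {"seq": seq, "action": tok[0], "src": src, "src_ports": src_ports,
            "dst": dst, "dst_ports": dst_ports, "options": tok[i:]}
```

An entry whose `src_ports` is set but whose `dst_ports` is `None` matches only on the client-side port, which is the usual sign that the operator was placed after the wrong address.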
Consolidated Platform Configuration Guide, Cisco IOS Release 15.2(4)E (Catalyst 2960-X Switches)
How to Configure ACLs
