EasyManuals Logo

Cisco mds 9124 - fabric switch User Manual

Cisco mds 9124 - fabric switch
1550 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #633 background imageLoading...
Page #633 background image
Send documentation comments to mdsfeedback-doc@cisco.com
11-41
Cisco MDS 9000 Family Command Reference
OL-16217-01, Cisco MDS SAN-OS Release 3.x
Chapter 11 I Commands
ip access-group
ip access-group
To apply an access list to an interface, use the ip access-group command in interface mode. Use the no
form of this command to negate a previously issued command or revert to factory defaults.
ip access-group access-list-name [in | out]
Syntax Description
Defaults The access list is applied to both ingress and egress traffic.
Command Modes Interface mode.
Command History
Usage Guidelines The ip access-group command controls access to an interface. Each interface can only be associated
with one access list. The access group becomes active immediately.
We recommend creating all rules in an access list, before creating the access group that uses that access
list.
If you create an access group before an access list, the access list is created and all packets in that
interface are dropped, because the access list is empty.
The access-group configuration for the ingress traffic applies to both local and remote traffic. The
access-group configuration for the egress traffic applies only to local traffic. You can apply a different
access list for each type of traffic.
Examples The following example creates an access group called aclPermit for both the ingress and egress traffic
(default)
switch# config terminal
Enter configuration commands, one per line. End with CNTL/Z.
switch(config)# ip access-list aclPermit permit ip any any
switch(config)# interface Gigabitethernet 3/1
switch(config-if)# ip access-group aclPermit
The following example deletes the access group called aclPermit.
switch(config-if)# no ip access-group aclPermit
The following example creates an access group called aclDenyTcp (if it does not already exist) for
ingress traffic.
access-list-name Specifies the IP access list name. The maximum length is 64 alphanumeric
characters and the text is case insensitive.
in Specifies that the group is for ingress traffic.
out Specifies that the group is for egress traffic.
Release Modification
1.2(1) This command was introduced.

Table of Contents

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco mds 9124 - fabric switch and is the answer not in the manual?

Cisco mds 9124 - fabric switch Specifications

General IconGeneral
BrandCisco
Modelmds 9124 - fabric switch
CategorySwitch
LanguageEnglish

Related product manuals