Send documentation comments to mdsfeedback-doc@cisco.com
11-45
Cisco MDS 9000 Family Command Reference
OL-16217-01, Cisco MDS SAN-OS Release 3.x
Chapter 11 I Commands
ip access-list
The following example removes the IP-ACL called aclPermit.
switch(config-if)# no ip access-group aclPermit
The following example updates aclPermit to deny TCP traffic from any source address to any destination
address.
switch# config terminal
Enter configuration commands, one per line. End with CNTL/Z.
switch(config)# ip access-list aclPermit deny tcp any any
The following example defines an IP-ACL that permits this network. Subtracting 255.255.248.0 (normal
mask) from 255.255.255.255 yields 0.0.7.255.
switch# config terminal
Enter configuration commands, one per line. End with CNTL/Z.
switch(config)# ip access-list aclPermitUdp permit udp 192.168.32.0 0.0.7.255 any
The following example permits all IP traffic from and to the specified networks.
switch# config terminal
Enter configuration commands, one per line. End with CNTL/Z.
switch(config)# ip access-list aclPermitIpToServer permit ip 10.1.1.0 0.0.0.255
172.16.1.0 0.0.0.255
The following example denies TCP traffic from 1.2.3.0 through source port 5 to any destination.
switch# config terminal
Enter configuration commands, one per line. End with CNTL/
switch(config)# ip access-list aclDenyTcpIpPrt5 deny tcp 1.2.3.0 0.0.0.255 eq port 5 any
The following example removes this entry from the IP-ACL.
switch# config terminal
Enter configuration commands, one per line. End with CNTL/
switch(config)# no ip access-list aclDenyTcpIpPrt5 deny tcp 1.2.3.0 0.0.0.255 eq port 5
any
Related Commands Command Description
show ip access-list Displays the IP-ACL configuration information.
To Next Page
Loading...
