Before You Begin
Ensure that the ACL you want to apply exists and that it is configured to filter traffic in the manner that you
need for this application.
Procedure
PurposeCommand or Action
Enters global configuration mode.switch# configure terminal
Step 1
Enters configuration mode for the
interface type that you specified.
Enter one of the following commands:
Step 2
•
switch(config)# interface ethernet slot/port[.
number]
•
switch(config)# interface port-channel
channel-number[. number]
•
switch(config)# interface mgmt port
Applies an IPv4 or IPv6 ACL to the layer
3 interface for traffic in the ingress
direction.
Enter one of the following commands:
Step 3
•
switch(config-if)# ip access-group access-list
{in}
•
switch(config-if)# ipv6 traffic-filter
access-list {in}
(Optional)
Displays the ACL configuration.
switch(config-if)# show running-config aclmgr
Step 4
(Optional)
Copies the running configuration to the
startup configuration.
switch(config-if)# copy running-config
startup-config
Step 5
Verifying the ACL Logging Configuration
To display ACL logging configuration information, perform one of the following tasks:
PurposeCommand
Displays the TCAM sizes that will be applicable on
the next reload of the device.
switch# show hardware access-list tcam region
Displays the IPv4 ACL configuration.switch# show ip access-lists
Displays the IPv6 ACL configuration.switch# show ipv6 access-lists
Cisco Nexus 3600 NX-OS Security Configuration Guide, Release 7.x
88
Configuring IP ACLs
Verifying the ACL Logging Configuration
To Next Page
Loading...
