Send feedback to nx5000-docfeedback@cisco.com
1-8
Cisco Nexus 5000 Series Switch CLI Software Configuration Guide
OL-16597-01
Chapter 1 Configuring ACLs
Configuring IP ACLs
The following example shows how to apply an IPv4 or IPv6 ACL to the port channel:
switch# configure terminal
switch(config)# interface port-channel 5
switch(config-if)# ip port access-group acl-l2-marketing-group in
switch(config-if)# show running-config
switch(config-if)# copy running-config startup-config
This example shows how to create an IPv4 ACL named acl-01 and apply it to Ethernet interface 2/1,
which is a Layer 2 interface:
ip access-list acl-01
permit ip 192.168.2.0/24 any
interface ethernet 2/1
ip access-group acl-01 in
Applying an IP ACL as a VACL
For information about configuring VACLs, see “Configuring VACLs” section on page 1-15.
Step 2
switch(config)# interface ethernet
slot/port
Enters interface configuration mode for the
specified interface.
switch(config)# interface port-channel
channel-number
Enters interface configuration mode for a port
channel.
Step 3
switch(config)# interface ethernet
slot/port
switch(config-if)# ipv6 port
traffic-filter <name> in
Applies an IPv6 port access-list.
Step 4
switch(config-if)# ip port access-group
access-list in
Applies an IPv4 ACL to the interface or port
channel. Only inbound filtering is supported with
port ACLs. You can apply one port ACL to an
interface.
Step 5
switch(config-if)# show running-config
(Optional) Displays ACL configuration.
Step 6
switch(config-if)# copy running-config
startup-config
(Optional) Copies the running configuration to the
startup configuration.
Command Purpose
To Next Page
Loading...
