Cisco Nexus 5500 Series - Page 173

Cisco Nexus 5500 Series

378 pages

To Next Page

To Next Page

To Previous Page

To Previous Page

Loading...

159

Cisco Nexus 5500 Series NX-OS Security Command Reference

OL-27883-02

Chapter P Commands

permit icmp (IPv4)

• Address and network wildcard—You can use an IPv4 address followed by a network wildcard to

specify a host or a network as a source or destination. The syntax is as follows:

IPv4-address network-wildcard

This example shows how to specify the source argument with the IPv4 address and network wildcard

for the 192.168.67.0 subnet:

switch(config-acl)# permit icmp 192.168.67.0 0.0.0.255 any

• Address and variable-length subnet mask—You can use an IPv4 address followed by a

variable-length subnet mask (VLSM) to specify a host or a network as a source or destination. The

syntax is as follows:

IPv4-address/prefix-len

This example shows how to specify the source argument with the IPv4 address and VLSM for the

192.168.67.0 subnet:

switch(config-acl)# permit icmp 192.168.67.0/24 any

• Host address—You can use the host keyword and an IPv4 address to specify a host as a source or

destination. The syntax is as follows:

host IPv4-address

This syntax is equivalent to IPv4-address/32 and IPv4-address 0.0.0.0.

This example shows how to specify the source argument with the host keyword and the

192.168.67.132 IPv4 address:

switch(config-acl)# permit icmp host 192.168.67.132 any

• Any address—You can use the any keyword to specify that a source or destination is any IPv4

address. For examples of the use of the any keyword, see the examples in this section. Each example

shows how to specify a source or destination by using the any keyword.

ICMP Message Types

The icmp-message argument can be the ICMP message number, which is an integer from 0 to 255. It can

also be one of the following keywords:

• administrativelyprohibited—Administratively prohibited

• alternate-address—Alternate address

• conversion-error—Datagram conversion

• dod-host-prohibited—Host prohibited

• dod-net-prohibited—Net prohibited

• echo—Echo (ping)

• echo-reply—Echo reply

• general-parameter-problem—Parameter problem

• host-isolated—Host isolated

• host-precedence-unreachable—Host unreachable for precedence

• host-redirect—Host redirect

• host-tos-redirect—Host redirect for ToS

• host-tos-unreachable—Host unreachable for ToS

Table of Contents

Other manuals for Cisco Nexus 5500 Series

Command Reference Guide460 pages

Configuration Guide160 pages

Related product manuals

Cisco Nexus 5596

Preview: Cisco Nexus 5548P

Cisco Nexus 5548P

Preview: Cisco Nexus 5548UP

Cisco Nexus 5548UP

Preview: Cisco Nexus 5596UP

Cisco Nexus 5596UP

Preview: Cisco Nexus 5010

Cisco Nexus 5010

Preview: Cisco Nexus 5000 Series

Cisco Nexus 5000 Series

Preview: Cisco Nexus 5600 Series

Cisco Nexus 5600 Series

AP775A - Nexus Converged Network Switch 5010

Preview: Cisco Nexus 9504

Cisco Nexus 9504

Preview: Cisco Nexus 7000

Cisco Nexus 7000

Cisco Nexus 3064

Preview: Cisco Nexus 9508

Cisco Nexus 9508