Cisco Nexus 5500 Series - Page 67

Cisco Nexus 5500 Series

378 pages

To Next Page

To Next Page

To Previous Page

To Previous Page

Loading...

53

Cisco Nexus 5500 Series NX-OS Security Command Reference

OL-27883-02

Chapter D Commands

deny ip (IPv4)

• Address and network wildcard—You can use an IPv4 address followed by a network wildcard to

specify a host or a network as a source or destination. The syntax is as follows:

IPv4-address network-wildcard

This example shows how to specify the source argument with the IPv4 address and network wildcard

for the 192.168.67.0 subnet:

switch(config-acl)# deny ip 192.168.67.0 0.0.0.255 any

• Address and variable-length subnet mask—You can use an IPv4 address followed by a

variable-length subnet mask (VLSM) to specify a host or a network as a source or destination. The

syntax is as follows:

IPv4-address/prefix-len

This example shows how to specify the source argument with the IPv4 address and VLSM for the

192.168.67.0 subnet:

switch(config-acl)# deny ip 192.168.67.0/24 any

• Host address—You can use the host keyword and an IPv4 address to specify a host as a source or

destination. The syntax is as follows:

host IPv4-address

This syntax is equivalent to IPv4-address/32 and IPv4-address 0.0.0.0.

This example shows how to specify the source argument with the host keyword and the

192.168.67.132 IPv4 address:

switch(config-acl)# deny ip host 192.168.67.132 any

• Any address—You can use the any keyword to specify that a source or destination is any IPv4

address. For examples of the use of the any keyword, see the examples in this section. Each example

shows how to specify a source or destination by using the any keyword.

Examples This example shows how to configure an IPv4 ACL named acl-lab-01 with rules that deny all IPv4 traffic

from the 10.23.0.0 and 192.168.37.0 networks to the 10.176.0.0 network:

switch(config)# ip access-list acl-lab-01

switch(config-acl)# deny ip 10.23.0.0/16 10.176.0.0/16

switch(config-acl)# deny ip 192.168.37.0/16 10.176.0.0/16

Related Commands Command Description

ip access-list Configures an IPv4 ACL.

permit (IPv4) Configures a permit rule in an IPv4 ACL.

remark Configures a remark in an IPv4 ACL.

show ip access-list Displays all IPv4 ACLs or one IPv4 ACL.

Table of Contents

Other manuals for Cisco Nexus 5500 Series

Command Reference Guide460 pages

Configuration Guide160 pages

Related product manuals

Cisco Nexus 5596

Preview: Cisco Nexus 5548P

Cisco Nexus 5548P

Preview: Cisco Nexus 5548UP

Cisco Nexus 5548UP

Preview: Cisco Nexus 5596UP

Cisco Nexus 5596UP

Preview: Cisco Nexus 5010

Cisco Nexus 5010

Preview: Cisco Nexus 5000 Series

Cisco Nexus 5000 Series

Preview: Cisco Nexus 5600 Series

Cisco Nexus 5600 Series

AP775A - Nexus Converged Network Switch 5010

Preview: Cisco Nexus 9504

Cisco Nexus 9504

Preview: Cisco Nexus 7000

Cisco Nexus 7000

Cisco Nexus 3064

Preview: Cisco Nexus 9508

Cisco Nexus 9508