This example shows how to configure an IPv4 ACL named acl-eng-to-marketing with a rule that denies all
IP traffic from an IPv4 address object group named eng_workstations to an IP address object group named
marketing_group followed by a rule that permits all other IPv4 traffic:
switch# configure terminal
switch(config)# ip access-list acl-eng-to-marketing
switch(config-acl)# deny ip addrgroup eng_workstations addrgroup marketing_group
switch(config-acl)# permit ip any any
Related Commands
DescriptionCommand
Configures how an IP ACL processes noninitial
fragments.
fragments
Configures an IPv4 ACL.ip access-list
Configures an IPv4 address object group.object-group ip address
Configures an IP port object group.object-group ip port
Configures a permit rule in an IPv4 ACL.permit (IPv4)
Configures a remark in an IPv4 ACL.remark
Displays all IPv4 ACLs or one IPv4 ACL.show ip access-list
Enables collection of statistics for each entry in an
ACL.
statistics per-entry
Configures a time range.time-range
Cisco Nexus 7000 Series Security Command Reference
242
D Commands
deny (IPv4)
To Next Page
Loading...
