EasyManua.ls Logo

Cisco Nexus 9000 Series - Page 260

Cisco Nexus 9000 Series
562 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
show ip access-lists name
show ipv6 access-lists name
7. (Optional) copy running-config startup-config
DETAILED STEPS
PurposeCommand or Action
Enters global configuration mode.configure terminal
Example:
Step 1
switch# configure terminal
switch(config)#
Creates the IP ACL and enters IP ACL configuration mode.
The name argument can be up to 64 characters.
Enter one of the following commands:
Step 2
ip access-list name
ipv6 access-list name
Example:
switch(config)# ip access-list acl-01
switch(config-acl)#
Optimizes fragment handling for noninitial fragments. When
a device applies to traffic an ACL that contains the
(Optional) fragments {permit-all | deny-all}
Example:
Step 3
fragments command, the fragments command only
switch(config-acl)# fragments permit-all
matches noninitial fragments that do not match any explicit
permit or deny commands in the ACL.
Creates a rule in the IP ACL. You can create many rules.
The sequence-number argument can be a whole number
between 1 and 4294967295.
[sequence-number] {permit | deny} protocol
{source-ip-prefix | source-ip-mask} {destination-ip-prefix
| destination-ip-mask}
Step 4
Example:
The permit and deny commands support many ways of
identifying traffic.
switch(config-acl)# permit ip 192.168.2.0/24 any
For IPv4 and IPv6 access lists, you can specify a source
and destination IPv4 or IPv6 prefix, which matches only
Example:
switch(config-acl)# 10 permit ipv6 1::1 2::2 3::3
4::4
on the first contiguous bits, or you can specify a source and
destination IPv4 or IPv6 wildcard mask, which matches on
any bit in the address. IPv6 wildcard masks are supported
for Cisco Nexus 9200, 9300-EX, and 9300-FX/FX2/FXP
switches and the Cisco Nexus 9364C switch.
Specifies that the device maintains global statistics for
packets that match the rules in the ACL.
(Optional) statistics per-entry
Example:
Step 5
switch(config-acl)# statistics per-entry
Displays the IP ACL configuration.(Optional) Enter one of the following commands:
Step 6
show ip access-lists name
show ipv6 access-lists name
Example:
switch(config-acl)# show ip access-lists acl-01
Cisco Nexus 9000 Series NX-OS Security Configuration Guide, Release 9.x
234
Configuring IP ACLs
Creating an IP ACL

Table of Contents

Other manuals for Cisco Nexus 9000 Series

Preview: Manual
Manual30 pages
Preview: Troubleshooting Guide
Troubleshooting Guide126 pages
Preview: Hardware Installation Guide
Hardware Installation Guide74 pages
Preview: Quick Start Configuration Guide
Quick Start Configuration Guide6 pages
Preview: Installation
Installation12 pages
Preview: Installing
Installing8 pages

Related product manuals