EasyManua.ls Logo

Cisco ONS 15454 - Page 194

Cisco ONS 15454
232 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
15-4
Cisco ONS 15454 SONET/SDH ML-Series Multilayer Ethernet Card Software Feature and Configuration Guide, R4.0
78-15224-02
Chapter 15 Configuring Access Control Lists
ML-Series ACL Support
Creating Named Standard IP ACLs
To create a named standard IP ACL, perform the following procedure, beginning in global configuration
mode:
Creating Named Extended IP ACLs (Control Plane Only)
To create a named extended IP ACL, perform the following tasks, beginning in global configuration
mode:
Applying the ACL to an Interface
After you create an ACL, you can apply it to one or more interfaces. ACLs can be applied on either the
inbound or the outbound direction of an interface. When controlling access to an interface, you can use
a name or number. If a standard ACL is applied, the ML-Series card compares the source IP address with
the ACL. To apply an ACL to one or more interfaces, use the command in Table 15-2.
Note IP Standard ACLs applied to bridged egress interfaces are not supported in the data-plane. When
bridging, ACLs are only supported on ingress.
Command Purpose
Step 1
Router(config)# ip access-list standard
name
Defines a standard IP ACL using an alphabetic
name.
Step 2
Router(config-std-nac1)# deny {
source
[
source-wildcard
] | any}
or
permit {
source
[
source-wildcard
] | any}
In access-list configuration mode, specifies one or
more conditions as permitted or denied. This
determines whether the packet is passed or dropped.
Step 3
Router(config)# exit
Exits access-list configuration mode.
Command Purpose
Step 1
Router(config)# ip access-list extended
name
Defines an extended IP ACL using an alphabetic
name.
Step 2
Router(config-ext-nacl)# {deny | permit}
protocol source source-wildcard destination
destination-wildcard
[precedence
precedence
] [tos
tos
]
{deny | permit}
protocol
any any
{deny | permit}
protocol
host
source
host
destination
In access-list configuration mode, specifies the
conditions allowed or denied.
Or:
Defines an extended IP ACL using an abbreviation
for a source and source wildcard of 0.0.0.0
255.255.255.255, and an abbreviation for a
destination and destination wildcard of 0.0.0.0
255.255.255.255.
Or:
Defines an extended IP ACL using an abbreviation
for a source and source wildcard of source 0.0.0.0,
and an abbreviation for a destination and
destination wildcard of destination 0.0.0.0.

Table of Contents

Other manuals for Cisco ONS 15454

Preview: Troubleshooting Guide
Troubleshooting Guide558 pages
Preview: Reference Manual
Reference Manual728 pages
Preview: Hardware Installation Guide
Hardware Installation Guide516 pages
Preview: Reference Guide
Reference Guide166 pages
Preview: Manual
Manual88 pages
Preview: User Guide
User Guide38 pages
Preview: Install
Install32 pages
Preview: Procedure Guide
Procedure Guide62 pages
Preview: Installation Instructions
Installation Instructions22 pages
Preview: Unpacking And Installing
Unpacking And Installing42 pages

Related product manuals