Catalyst 6500 Series Switch Software Configuration Guide—Release 8.7
OL-8978-04
Chapter 15 Configuring Access Control
Configuring Port-Based ACLs
Console> (enable) set port security-acl 3/1 vlan-based
ACL interface is set to vlan-based mode for port(s) 3/1.
Console> (enable) set security acl map ipacl1 3/1
Port 3/1 is set to vlan-based mode, config is saved in Nvram.
Config will be applied when the port is set to port-based/merge mode.
Console> (enable)
Displaying ACL Mapping Information
The show security acl map command is extended to display the port mappings as follows:
• Added mandatory keywords (config and runtime) to display the configuration and run-time
mappings.
• Added optional keywords (all-vlans and all-ports) to selectively display the configured VACLs and
PACLs.
To display the ACL mapping information, perform this task in normal mode:

Task                                  Command
------------------------------------  ------------------------------------------
Display the ACL mapping information.  show security acl map [config | runtime] [acl_name | mod_num/port_num | vlan | all | all-vlans | all-ports]

These examples show how to display the ACL mapping information:
Console> (enable) show security acl map config all
ACL Name Type Ports/Vlans
-------------------------------- ---- --------------
ipacl1 IP 11
ipacl2 IP 3/1
Console> (enable) show security acl map config all-ports
ACL Name Type Ports
-------------------------------- ---- --------------
ipacl2 IP 3/1
Console> (enable) show security acl map runtime 3/1
Port ACL name Type
----- -------------------------------- ----
3 / 1 ipacl1 IP
Console> (enable)
Displaying ACL Information for an EtherChannel
The show port channel command is extended to display the PACL mappings on the port channels. For
type, you can specify security-acl.
To display the ACL information for an EtherChannel, perform this task in normal mode:

Task                                              Command
------------------------------------------------  ------------------------------------------
Display the ACL information for an EtherChannel.  show port channel [all | mod[/port]] {info [type]}
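Added example (not from the Cisco guide): a Python check that parses the show security acl map config and runtime outputs shown in the mapping examples on this page and reports ports whose configured PACL is not the ACL listed at run time, which is the state the guide describes when a PACL is saved for a port in vlan-based mode. The function names are hypothetical, the column layout is taken from the page's samples, and comma-separated port lists are an assumption.

```python
import re

# Sample output copied from this page's examples (column spacing reconstructed).
CONFIG_ALL = """\
ACL Name                         Type Ports/Vlans
-------------------------------- ---- --------------
ipacl1                           IP   11
ipacl2                           IP   3/1
"""
RUNTIME_3_1 = """\
Port  ACL name                         Type
----- -------------------------------- ----
3 / 1 ipacl1                           IP
"""

def _rows(text):
    """Yield the data rows that follow the dashed rule under the header."""
    seen_rule = False
    for line in map(str.strip, text.splitlines()):
        if line and set(line) <= {"-", " "}:
            seen_rule = True
        elif line and seen_rule:
            yield line

def parse_config(text):
    """Return {port: acl_name}; VLAN rows are skipped. Assumes comma-separated ports."""
    mapping = {}
    for row in _rows(text):
        parts = row.split(None, 2)
        if len(parts) == 3:
            for target in parts[2].replace(" ", "").split(","):
                if re.fullmatch(r"\d+/\d+", target):
                    mapping[target] = parts[0]
    return mapping

def parse_runtime(text):
    """Return {port: acl_name}; tolerates '3 / 1' spacing in the port column."""
    mapping = {}
    for row in _rows(text):
        m = re.match(r"(\d+)\s*/\s*(\d+)\s+(\S+)\s+\S+$", row)
        if m:
            mapping[f"{m.group(1)}/{m.group(2)}"] = m.group(3)
    return mapping

def pacl_not_in_effect(config_text, runtime_text):
    """List (port, configured, runtime) where the configured PACL is not the run-time ACL."""
    runtime = parse_runtime(runtime_text)
    return [(p, acl, runtime.get(p)) for p, acl in sorted(parse_config(config_text).items())
            if runtime.get(p) != acl]
```

A port that appears in the config output but not in the supplied runtime output is reported with a run-time value of None, so collect the runtime output for every port being audited.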