Configuring Access Control Lists 553
3
Apply the rule to inbound (ingress) traffic on Gigabit Ethernet Port 2.
Only traffic matching the criteria will be accepted on this port.
console(config)#interface gi1/0/2
console(config-if-Gi1/0/2)#ip access-group list1
in
console(config-if-Gi11/0/2)#exit
Configuring a MAC ACL
The following example creates a MAC ACL named mac1 that denies all IPX
traffic on all ports. All other type of traffic is permitted.
To configure the switch:
1
Create a MAC Access List named mac1
console#config
console(config)#mac access-list extended mac1
2
Configure a rule to deny all IPX traffic, regardless of the source or
destination MAC address.
console(config-mac-access-list)#deny any any ipx
3
Configure a rule to permit all other types of traffic, regardless of the source
or destination MAC address.
console(config-mac-access-list)#permit any any
console(config-mac-access-list)#exit
4
Bind the ACL to all ports.
console(config)#mac access-group mac1 in
console(config)#exit
5
View information about the configured ACL.
console#show mac access-lists
Current number of all ACLs: 1 Maximum number of
all ACLs: 100
MAC ACL Name Rules Interface(s) Direction
------------- -------- ------------ ---------
To Next Page
Loading...
Need help?
General