164 ACL Commands
The assign-queue and redirect parameters are only valid for permit commands.
Example
The following example configures a MAC ACL to deny traffic from MAC address
0806.c200.0000.
console(config)#mac access-list extended DELL123
console(config-mac-access-list)#deny 0806.c200.0000 ffff.ffff.ffff any
ip access-group
no ip access-group
Use the ip access-group or no ip access-group command to apply/disable an IP based ACL on an
Ethernet interface or a group of interfaces. An IP based ACL should have been created by the
access-list <
name
> … command with the same name specified in this command.
Syntax
ip access-group
name
direction seqnum
•
name
— Access list name. (Range: Valid IP access-list name up to 31 characters in length)
•
direction
— Direction of the ACL. (Range: In or out. Default is
in
.)
•
seqnum
— Precedence for this interface and direction. A lower sequence number has higher
precedence. Range: 1 – 4294967295. Default is
1
.
Default Configuration
This command has no default configuration.
Command Mode
Global and Interface Configuration
User Guidelines
Global mode command configures the ACL on all the interfaces, whereas the interface mode
command does so for the interface.
Examples
console(config)#ip access-group aclname in
console(config)#no ip access-group aclname in
console(config)#ip access-group aclname1 out
To Next Page
Loading...
