94 Device Security
Figure 5-2. IP ACL Example Network Diagram
Example #1: Create an ACL and Define an ACL Rule
This command creates an ACL named list1 and configures a rule for the ACL. After the mask has been
applied, it permits packets carrying TCP traffic that matches the specified Source IP address, and sends
these packets to the specified Destination IP address.
console#config
console(config)#access-list list1 permit tcp 192.168.77.0 0.0.0.255 192.168.77.3
0.0.0.0
Example #2: Define the Second Rule for ACL 179
Define the rule to set similar conditions for UDP traffic as for TCP traffic.
console(config)#access-list list1 permit udp 192.168.77.0 0.0.0.255 192.168.77.3
0.0.0.255
console(config)#exit
Port 1/0/2
ACL 179
192.168.77.1 192.168.77.2192.168.77.9192.168.77.4
UDP or TCP packet to
192.168.77.3 accepted:
Dest. IP in range
UDP or TCP packet to
192.168.88.3 rejected:
Dest. IP not in range
Layer 2
Switch
Layer 3 Switch
To Next Page
Loading...
