CHAPTER 25 | Access Control Lists
MAC ACLs
– 719 –
access-list mac
This command adds a MAC access list and enters MAC ACL configuration
mode. Use the no form to remove the specified ACL.
SYNTAX
[no] access-list mac acl-name
acl-name – Name of the ACL. (Maximum length: 16 characters, no
spaces or other special characters)
DEFAULT SETTING
None
COMMAND MODE
Global Configuration
COMMAND USAGE
◆ When you create a new ACL or enter configuration mode for an existing
ACL, use the permit or deny command to add new rules to the bottom
of the list.
◆ To remove a rule, use the no permit or no deny command followed by
the exact text of a previously configured rule.
◆ An ACL can contain up to 128 rules.
EXAMPLE
Console(config)#access-list mac jerry
Console(config-mac-acl)#
RELATED COMMANDS
permit, deny, redirect-to (719)
mac access-group (722)
show mac access-list (723)
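The usage notes for access-list mac above (rules appended to the bottom, removal only by the exact rule text, at most 128 rules, names of at most 16 characters) can be checked against a configuration script before it is entered on the switch. The following Python linter is an added example, not part of this manual or the vendor's software; the function name lint_mac_acl_script, the set of allowed name characters, the whitespace handling and the MAC notation in the sample are assumptions.

```python
import re

MAX_RULES = 128       # "An ACL can contain up to 128 rules"
MAX_NAME_LEN = 16     # "Maximum length: 16 characters"
# Assumption: "no spaces or other special characters" = letters, digits, '-', '_'.
NAME_RE = re.compile(r"^[A-Za-z0-9_-]+$")
RULE_RE = re.compile(r"^(permit|deny|redirect-to)\s")

def lint_mac_acl_script(lines):
    """Replay bare CLI lines (no prompts); return (acls, findings)."""
    acls, findings, current = {}, [], None
    for n, raw in enumerate(lines, 1):
        line = " ".join(raw.split())  # assumption: the CLI ignores extra spaces
        if not line:
            continue
        if line.startswith("no access-list mac "):
            acls.pop(line[len("no access-list mac "):], None)
            current = None
        elif line.startswith("access-list mac "):
            name = line[len("access-list mac "):]
            if len(name) > MAX_NAME_LEN or not NAME_RE.match(name):
                findings.append((n, f"invalid ACL name {name!r}"))
                current = None
            else:
                current = name
                acls.setdefault(name, [])
        elif current is None:
            findings.append((n, "rule entered outside MAC ACL configuration mode"))
        elif line.startswith("no ") and RULE_RE.match(line[3:]):
            if line[3:] in acls[current]:
                acls[current].remove(line[3:])
            else:
                findings.append((n, f"no exact match for {line[3:]!r}; nothing removed"))
        elif RULE_RE.match(line):
            if len(acls[current]) >= MAX_RULES:
                findings.append((n, f"ACL {current!r} is full ({MAX_RULES} rules)"))
            else:
                acls[current].append(line)  # new rules go to the bottom of the list
        else:
            findings.append((n, f"unrecognized line {line!r}"))
    return acls, findings

# Constructed input; the MAC address notation is a placeholder.
SAMPLE = [
    "access-list mac jerry",
    "deny any host 00-11-22-33-44-55",
    "permit any any",
    "no deny host 00-11-22-33-44-55 any",  # source/destination swapped
]
```

Run on SAMPLE, the linter reports line 4: the no form does not repeat the configured rule text, so the deny rule would stay in the ACL.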
permit, deny, redirect-to (MAC ACL)
This command adds a rule to a MAC ACL. The rule filters packets matching
a specified MAC source or destination address (i.e., physical layer address),
or Ethernet protocol type. Use the no form to remove a rule.
SYNTAX
{permit | deny | redirect-to interface}
{any | host source | source address-bitmask}
{any | host destination | destination address-bitmask}
[vid vid vid-bitmask] [ethertype protocol [protocol-bitmask]]
[time-range time-range-name]
no {permit | deny | redirect-to interface}
{any | host source | source address-bitmask}
{any | host destination | destination address-bitmask}
[vid vid vid-bitmask] [ethertype protocol [protocol-bitmask]]