Chapter 9
| Access Control Lists
IPv4 ACLs
– 326 –
ip access-group This command binds an IPv4 ACL to a port. Use the no form to remove the port.
Syntax
ip access-group acl-name {in |
out} [time-range time-range-name] [counter]
no ip access-group acl-name {in |
out}
acl-name – Name of the ACL. (Maximum length: 16 characters)
in – Indicates that this list applies to ingress packets.
out – Indicates that this list applies to egress packets.
time-range-name - Name of the time range. (Range: 1-16 characters)
counter – Enables counter for ACL statistics.
Default Setting
None
Command Mode
Interface Configuration (Ethernet)
Command Usage
◆ Only one ACL can be bound to a port.
◆ If an ACL is already bound to a port and you bind a different ACL to it, the
switch will replace the old binding with the new one.
Example
Console(config)#int eth 1/2
Console(config-if)#ip access-group david in
Console(config-if)#
Related Commands
show ip access-group (326)
Time Range (141)
show ip access-group This command shows the ports assigned to IP ACLs.
Command Mode
Privileged Exec
Example
Console#show ip access-group
Interface ethernet 1/2
IP access-list david in
Global
IP access-list david in counter
Console#
To Next Page
Loading...
