ESR series service routers.ESR-Series. User manual
Step Description Command Keys
15 Set VLAN ID for which the rule
should work (optional).
esr(config-acl-rule)# match vlan
<VID>
<VID> – VLAN ID, takes values of
[1..4094].
16 Activate a rule. esr(config-acl-rule)# enable
17 Specify access control list for the
configured interface to filtrate
incoming traffic.
esr(config-if-gi)# service-acl
input <NAME>
<NAME> – access control list name,
set by the string of up to 31
characters.
Also the access lists can be used to organize QoS policy.
13.5.2 Access list configuration example
Objective:
Allow traffic transmission from 192.168.20.0/24 subnet only.
Solution:
Configure access control list for filtering by a subnet:
esr# configure
esr(config)# ip access-list extended white
esr(config-acl)# rule 1
esr(config-acl-rule)# action permit
esr(config-acl-rule)# match source-address 192.168.20.0 255.255.255.0
esr(config-acl-rule)# enable
esr(config-acl-rule)# exit
esr(config-acl)# exit
Apply access list to Gi1/0/19 interface for inbound traffic:
esr(config)# interface gigabitethernet 1/0/19
esr(config-if-gi)# service-acl input white
To view the detailed information on access control list, use the following command:
esr# show ip access-list white
To Next Page
Loading...