Enterasys Matrix DFE-Gold Series

944 pages

To Next Page

To Next Page

To Previous Page

To Previous Page

Loading...

Configuring Access Lists access-list (standard)

24-16 Security Configuration

deny ip 150.136.0.0 0.0.255.255 224.0.0.0 15.255.255.255

deny ip 11.6.0.0 0.1.255.255 224.0.0.0 15.255.255.255 2)

deny ip 172.24.24.0 0.0.1.255 224.0.0.0 15.255.255.255

access-list (standard)

UsethiscommandtodefineastandardIPaccesslistbynumberwhenoperatinginroutermode.

Restrictionsdefinedbyanaccesslistareappliedbyusingtheipaccess‐groupcommand(“ip

access‐group”onpage 24‐20).

Syntax

access-list access-list-number [ insert | replace entry] | [log 1-5000 | all] [move

destination source1 [source2]] {deny | permit} source [source-wildcard]

no access-list access-list-number [entry]

To insert or replace an ACL entry:

access-list access-list-number insert | replace entry

To move entries within an ACL:

access-list access-list-number move destination source1 [source2]

Parameters

access‐list‐

number

Specifiesastandardaccesslistnumber.Validvaluesarefrom1to99.

insert|replaceentry (Optional)Insertsthisnewentrybeforeaspecifiedentryinanexisting

ACL,orreplacesaspecifiedentrywiththisnewentry.

log1‐5000|all Enablesyslog forACLentryhits.

Enablesyslogforsequentialnumber

ofACLentryorforallACLentries

movedestination

source1source2

(Optional)Movesasequenceofaccesslistentriesbeforeanotherentry. 

Destinationisthenumberoftheexistingentrybeforewhichthisnew

entrywillbemoved.Source1isasingleentrynumberorthe

firstentry

numberintherangetobemoved.Source2(optional)isthelastentry

numberintherangetobemoved.Ifnotspecified,onlythesource1entry

willbemoved.

deny|permit Deniesorpermitsaccessifspecifiedconditionsaremet.

protocol SpecifiesanIPprotocolforwhichto

denyorpermitaccess.Validvalues

andtheircorrespondingprotocolsare:

• ip‐AnyInternetprotocol

• icmp‐InternetControlMessageProtocol

• udp‐UserDatagramProtocol

• tcp‐TransmissionProtocol

source Specifiesthenetworkorhostfromwhichthepacketwillbesent.Valid

optionsforexpressingsourceare:

•IPaddressorrange

ofaddresses(A.B.C.D)

• any‐Anysourcehost

• hostsource‐IPaddressofasinglesourcehost

source‐wildcard (Optional)Specifiesthebitstoignoreinthesourceaddress.

Table of Contents

Related product manuals

Preview: Enterasys Matrix 2G4072-52

Enterasys Matrix 2G4072-52

Preview: Enterasys Matrix E1 1H582-51

Enterasys Matrix E1 1H582-51

Enterasys Matrix E1 1G694-13

Preview: Enterasys Matrix-V V2H124-24

Enterasys Matrix-V V2H124-24

Preview: Enterasys C3G124-24

Enterasys C3G124-24

Preview: Enterasys B5G124-24

Enterasys B5G124-24

Enterasys A4H124-48P

Preview: Enterasys B5G124-24P2

Enterasys B5G124-24P2

Preview: Enterasys SecureStack C2

Enterasys SecureStack C2

Enterasys SSA-G1018-0652

Preview: SecureStack B3 B3G124-24P

SecureStack B3 B3G124-24P

Preview: SecureStack B2 B2G124-48P

SecureStack B2 B2G124-48P