To Next Page

To Previous Page

Configuring Access Lists access-list (standard)

24-16 Security Configuration

deny ip 150.136.0.0 0.0.255.255 224.0.0.0 15.255.255.255

deny ip 11.6.0.0 0.1.255.255 224.0.0.0 15.255.255.255 2)

deny ip 172.24.24.0 0.0.1.255 224.0.0.0 15.255.255.255

access-list (standard)

UsethiscommandtodefineastandardIPaccesslistbynumberwhenoperatinginroutermode.

Restrictionsdefinedbyanaccesslistareappliedbyusingtheipaccess‐groupcommand(“ip

access‐group”onpage 24‐20).

Syntax

access-list access-list-number [ insert | replace entry] | [log 1-5000 | all] [move

destination source1 [source2]] {deny | permit} source [source-wildcard]

no access-list access-list-number [entry]

To insert or replace an ACL entry:

access-list access-list-number insert | replace entry

To move entries within an ACL:

access-list access-list-number move destination source1 [source2]

Parameters

access‐list‐

number

Specifiesastandardaccesslistnumber.Validvaluesarefrom1to99.

insert|replaceentry (Optional)Insertsthisnewentrybeforeaspecifiedentryinanexisting

ACL,orreplacesaspecifiedentrywiththisnewentry.

log1‐5000|all Enablesyslog forACLentryhits.

Enablesyslogforsequentialnumber

ofACLentryorforallACLentries

movedestination

source1source2

(Optional)Movesasequenceofaccesslistentriesbeforeanotherentry. 

Destinationisthenumberoftheexistingentrybeforewhichthisnew

entrywillbemoved.Source1isasingleentrynumberorthe

firstentry

numberintherangetobemoved.Source2(optional)isthelastentry

numberintherangetobemoved.Ifnotspecified,onlythesource1entry

willbemoved.

deny|permit Deniesorpermitsaccessifspecifiedconditionsaremet.

protocol SpecifiesanIPprotocolforwhichto

denyorpermitaccess.Validvalues

andtheircorrespondingprotocolsare:

• ip‐AnyInternetprotocol

• icmp‐InternetControlMessageProtocol

• udp‐UserDatagramProtocol

• tcp‐TransmissionProtocol

source Specifiesthenetworkorhostfromwhichthepacketwillbesent.Valid

optionsforexpressingsourceare:

•IPaddressorrange

ofaddresses(A.B.C.D)

• any‐Anysourcehost

• hostsource‐IPaddressofasinglesourcehost

source‐wildcard (Optional)Specifiesthebitstoignoreinthesourceaddress.

Brand	Enterasys
Model	Matrix DFE-Gold Series
Category	Switch
Language	English

Enterasys Matrix DFE-Gold Series User Manual

Table of Contents

Questions and Answers:

Enterasys Matrix DFE-Gold Series Specifications

Related product manuals