Name: Enterasys Matrix DFE-Gold Series
Brand: Enterasys
Rating: 4 (1 reviews)

To Next Page

To Previous Page

access-list (extended) Configuring Access Lists

Enterasys Matrix DFE-Gold Series Configuration Guide 24-17

Defaults

•Ifinsert,replaceormovearenotspecified,thenewentrywillbeappendedtotheaccesslist.

•Ifsource2isnotspecifiedwithmove,onlyoneentrywillbemoved.

Mode

Routercommand,Globalconfiguration:Matrix>Router(config)#

Usage

Validaccess‐list‐numbersforstandardACLsare1to99.ForextendedACLs,validvaluesare100to

199.

The“no”formofthiscommandremovesthedefinedaccesslistorentry.

Examples

Thisexampleshowshowtoallowaccesstoonlythosehostsonthethreespecifiednetworks.The

wildcardbitsapplytothehostportionsofthenetworkaddresses.Anyhostwithasourceaddress

thatdoesnotmatchtheaccessliststatementswillberejected:

Matrix>Router(config)#access-list 1 permit 192.5.34.0 0.0.0.255

Matrix>Router(config)#access-list 1 permit 128.88.0.0 0.0.255.255

Matrix>Router(config)#access-list 1 permit 36.0.0.0 0.255.255.255

Thisexamplemovesentry16tothebeginningofACL22:

Matrix>Router(config)#access-list 22 move 1 16

access-list (extended)

UsethiscommandtodefineanextendedIPaccesslistbynumberwhenoperatinginroutermode.

Syntax

access-list access-list-number [ insert | replace entry] | [log 1-5000 | all] [move

destination source1 [source2]] {deny | permit} protocol source [source-wildcard]

[operator [port]] destination [destination-wildcard] [operator [port]]

[tos-extensions][icmp-type [icmp-code] [established] [log]

To insert or replace an ACL entry:

access-list access-list-number insert | replace entry

To move entries within an ACL:

access-list access-list-number move destination source1 [source2]

To log entries within an ACL:

access-list access-list-number log 1-5000 | all

Important Notice

Configuring extended access control lists (ACLs) is an advanced routing feature that must be enabled with a

license key. If you have purchased an advanced routing license and have enabled routing on the device, you

must activate your license as described in “Activating Advanced Routing Features” on page 21-1 in order to

enable the extended access list command set. If you wish to purchase an advanced routing license, contact

Enterasys Networks Sales.

Enterasys Matrix DFE-Gold Series User Manual

Questions and Answers: