To Next Page

To Previous Page

ip access-group

SecureStack C2 Configuration Guide 23-79

Validaccess‐list‐numbersforextendedACLsare100to199.ForstandardACLs,validvaluesare1

to99.

Example

Thisexampleshowshowtodefineaccesslist101todenyICMPtransmissionsfromanysource

andforanydestination:

C2(su)->router(Config)#access-list 101 deny ICMP any any

ip access-group

Usethiscommandtoapplyaccessrestrictionstoinboundframesonaninterfacewhenoperating

inroutermode.Thenoformofthiscommandremovesthe specifiedaccesslist.

Syntax

ip access-group access-list-number in

no ip access-group access-list-number in

Parameters

Defaults

None.

Mode

Interfaceconfiguration:C2(su)‐>router(Config‐if(Vlan<vlan_id>))#

Usage

ACLsmustbeappliedperroutinginterface.Anentry(rule)canbeappliedtoinboundframes

only.

Example

Thisexampleshowshowtoapplyaccesslist1forallinboundframesontheVLAN1interface.

Throughthedefinitionofaccesslist1,onlyframeswithasourceaddressonthe192.5.34.0/24

networkwillbe routed.AlltheframeswithothersourceaddressesreceivedontheVLAN1

interface

aredropped:

C2(su)->router(Config)#access-list 1 permit 192.5.34.0 0.0.0.255

C2(su)->router(Config)#interface vlan 1

C2(su)->router(Config-if(Vlan 1))#ip access-group 1 in

access‐list‐number Specifiesthenumberoftheaccesslisttobeappliedtotheaccesslist.This

isadecimalnumberfrom1to199.

in Filtersinboundframes.

Enterasys SecureStack C2 C2G170-24 User Manual

Other manuals for Enterasys SecureStack C2 C2G170-24