Configuring Access Lists
SecureStack C2 Configuration Guide 18-75
Mode
Interfaceconfiguration:C2(su)‐>router(Config‐if(Vlan<vlan_id>))#
Usage
ACLsmustbeappliedperroutinginterface.Anentry(rule)canbeappliedtoinboundframes
only.
Example
Thisexampleshowshowtoapplyaccesslist1forallinboundframesontheVLAN1interface.
Throughthedefinitionofaccesslist1,onlyframeswithasourceaddressonthe192.5.34.0/24
networkwillberouted.AlltheframeswithothersourceaddressesreceivedontheVLAN1
interface
aredropped:
C2(su)->router(Config)#access-list 1 permit 192.5.34.0 0.0.0.255
C2(su)->router(Config)#interface vlan 1
C2(su)->router(Config-if(Vlan 1))#ip access-group 1 in
Configuring Access Lists
Purpose
Toreviewandconfiguresecurityaccesscontrollists(ACLs),whichpermitordenyaccessto
routinginterfacesbasedonprotocolandIPaddressrestrictions.
Commands
Thecommandsusedtoreviewandconfiguresecurityaccesslistsarelistedbelow:
show access-lists
UsethiscommandtodisplayconfiguredIPaccesslistswhenoperatinginroutermode.
Syntax
showaccess‐lists[number]
Router: These commands can be executed when the device is in router mode only. For details
on how to enable router configuration modes, refer to “Enabling Router Configuration Modes” on
page 14-3.
For information about... Refer to page...
show access-lists 18-70
access-list (standard) 18-74
access-list (extended) 18-73
ip access-group 18-74
To Next Page
Loading...
