To Next Page

To Previous Page

Configuring Access Lists

SecureStack C2 Configuration Guide 18-75

Mode

Interfaceconfiguration:C2(su)‐>router(Config‐if(Vlan<vlan_id>))#

Usage

ACLsmustbeappliedperroutinginterface.Anentry(rule)canbeappliedtoinboundframes

only.

Example

Thisexampleshowshowtoapplyaccesslist1forallinboundframesontheVLAN1interface.

Throughthedefinitionofaccesslist1,onlyframeswithasourceaddressonthe192.5.34.0/24

networkwillberouted.AlltheframeswithothersourceaddressesreceivedontheVLAN1

interface

aredropped:

C2(su)->router(Config)#access-list 1 permit 192.5.34.0 0.0.0.255

C2(su)->router(Config)#interface vlan 1

C2(su)->router(Config-if(Vlan 1))#ip access-group 1 in

Configuring Access Lists

Purpose

Toreviewandconfiguresecurityaccesscontrollists(ACLs),whichpermitordenyaccessto

routinginterfacesbasedonprotocolandIPaddressrestrictions.

Commands

Thecommandsusedtoreviewandconfiguresecurityaccesslistsarelistedbelow:

show access-lists

UsethiscommandtodisplayconfiguredIPaccesslistswhenoperatinginroutermode.

Syntax

showaccess‐lists[number]

Router: These commands can be executed when the device is in router mode only. For details

on how to enable router configuration modes, refer to “Enabling Router Configuration Modes” on

page 14-3.

For information about... Refer to page...

show access-lists 18-70

access-list (standard) 18-74

access-list (extended) 18-73

ip access-group 18-74

Enterasys SecureStack C2 User Manual

Questions and Answers: