EasyManuals Logo

Extreme Networks EAS 100-24t Switch CLI User Manual

Extreme Networks EAS 100-24t Switch CLI
320 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #229 background imageLoading...
Page #229 background image
Access Control List (ACL) Commands
Extreme Networks EAS 100-24t Switch CLI Manual
229
have an IP source address between 10.42.73.0 and 10.42.73.255, and specify the port that will not be
allowed:
config access_profile profile_id 1 add access_id 1 ip source_ip 10.42.73.1
port 7 deny
We use the profile_id 1 which was specified when the access profile was created. The add parameter
instructs the switch to add the criteria that follows to the list of rules that are associated with access
profile 1. For each rule entered into the access profile, users can assign an access_id that identifies the
rule within the list of rules. The access_id is an index number only and does not affect priority within
the profile_id. This access_id may be used later if users want to remove the individual rule from the
profile.
The ip parameter instructs the switch that this new rule will be applied to the IP addresses contained
within each frame’s header. Source_ip tells the switch that this rule will apply to the source IP
addresses in each frame’s header. The IP address 10.42.73.1 will be combined with the source_ip_mask
255.255.255.0 to give the IP address 10.42.73.0 for any source IP address between 10.42.73.0 to
10.42.73.255. Finally the restricted port – port number 7 – is specified.
Each command is listed, in detail, in the following sections:
Example usage:
To create an access list rule:
#create access_profile ethernet vlan source_mac 00-00-00-00-00-01 destination_mac
00-00-00-00-00-02 802.1p ethernet_type profile_id 1
Command: create access_profile ethernet vlan source_mac 00-00-00-00-00-01
destination_mac 00-00-00-00-00-02 802.1p ethernet_type profile_id 1
Success.
#create access_profile ip vlan source_ip_mask 20.0.0.0 destination_ip_mask 10.0.0.0
dscp icmp type code profile_id 2
Command: create access_profile ip vlan source_ip_mask 20.0.0.0 destination_ip_mask
10.0.0.0 dscp icmp type code profile_id 2
Success.
#create access_profile packet_content_mask offset1 2 0xFFFFFFFF profile_id 3
Command: create access_profile packet_content_mask offset1 2 0xFFFFFFFF profile_id 3
Success.
delete access_profile
Purpose Used to delete a previously created access profile.
Syntax delete access_profile [profile_id <value 1-256> | all]
Description This command is used to delete a previously created access profile on the
switch.

Table of Contents

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Extreme Networks EAS 100-24t Switch CLI and is the answer not in the manual?

Extreme Networks EAS 100-24t Switch CLI Specifications

General IconGeneral
BrandExtreme Networks
ModelEAS 100-24t Switch CLI
CategorySwitch
LanguageEnglish

Related product manuals