ACL Configuring
18.3.1 Configuration Procedure
Follow these steps to configure a basic ACL:
Table 18-2 Configure basic ACL based on digital identification
Enter global configuration mode
Define sub-item match rule: access-list num match-order { config | auto } (by default, the system uses config)
access-list num { permit | deny } { source-IPv4/v6 source-wildcard | any | ipv6any } [ time-range name ]
Table 18-3 Configure basic ACL based on name identification
Enter global configuration mode
Define sub-item match rule: access-list standard name match-order { config | auto } (by default, the system uses config)
Define basic ACL and enter configuration mode: access-list standard name
{ permit | deny } { source-IPv4/v6 source-wildcard | any | ipv6any } [ time-range name ]
18.3.2 Configuration Examples
! Define a basic ACL with a number ID that denies packets with source IP 10.0.0.1
Switch#configure terminal
Switch(config)#access-list 1 deny 10.0.0.1 0
! Define a basic ACL with a name ID that denies packets with source IP 10.0.0.2
Switch#configure terminal
Switch(config)#access-list standard stdacl
Switch(config-std-nacl-stdacl)#deny 10.0.0.2 0
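An added example, not code from the manual: an offline checker for numbered basic ACLs written in the syntax of Table 18-2, which evaluates a source address and flags rules that can never be reached. It assumes IPv4 sources only, that wildcard bits set to 1 are ignored, and that under match-order config the first matching rule wins; the function names and the sample configuration are constructed for illustration.

```python
import ipaddress
import re

# Numbered basic-ACL rule as in Table 18-2 (IPv4 sources and "any" only).
RULE_RE = re.compile(r"^access-list\s+(?P<num>\d+)\s+(?P<action>permit|deny)\s+"
                     r"(?:(?P<any>any)|(?P<src>[\d.]+)\s+(?P<wild>[\d.]+))$")
FULL = 0xFFFFFFFF

# Constructed sample configuration, not taken from the manual.
SAMPLE = """\
Switch(config)#access-list 1 permit 10.0.0.0 0.0.0.255
Switch(config)#access-list 1 deny 10.0.0.1 0
Switch(config)#access-list 2 deny 10.0.0.1 0
Switch(config)#access-list 2 permit any
"""

def _ip(text):
    # The manual writes a host wildcard as a bare "0"; accept that and dotted form.
    return int(text) if text.isdigit() else int(ipaddress.IPv4Address(text))

def parse_rules(config_text):
    """Return [(acl_number, action, source, wildcard), ...] in configured order."""
    rules = []
    for line in config_text.splitlines():
        m = RULE_RE.match(line.split("#", 1)[-1].strip())  # drop the CLI prompt
        if m:  # other lines (comments, mode changes, IPv6 forms) are skipped
            src, wild = (0, FULL) if m["any"] else (_ip(m["src"]), _ip(m["wild"]))
            rules.append((int(m["num"]), m["action"], src, wild))
    return rules

def evaluate(rules, acl_number, source_ip):
    """Assumed match-order config semantics: first matching rule wins, else None."""
    addr = _ip(source_ip)
    for num, action, src, wild in rules:
        care = ~wild & FULL  # assumption: wildcard bits set to 1 are ignored
        if num == acl_number and (addr & care) == (src & care):
            return action
    return None

def shadowed(rules):
    """Rules fully covered by an earlier rule of the same ACL (never reached)."""
    dead = []
    for i, (num, action, src, wild) in enumerate(rules):
        for e_num, _, e_src, e_wild in rules[:i]:
            care = ~e_wild & FULL
            if e_num == num and (wild & care) == 0 and (src & care) == (e_src & care):
                dead.append((num, action, src, wild))
                break
    return dead
```

In the sample, ACL 1 lets 10.0.0.1 through because the broader permit is configured first, while ACL 2 denies it; `shadowed()` reports the unreachable deny in ACL 1.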
18.4 Define Extended ACL
The switch can define at most 100 extended ACLs with a number ID (the number is in the
range of 100 to 199) and at most 1000 extended ACLs with a name ID. It can define 128