Controlling the data traffic
8.2
ACL
103
UM Config GRS
Release
8.0
09/2019
8.2.2 Creating and configuring an IP ACL using the Command Line Interface
In the following example, you configure ACLs to block communications from computers B and C,
to computer A via IP (TCP, UDP, etc.).
Figure 18: Example of an IP ACL
Perform the following steps:
enable
Change to the Privileged EXEC mode.
configure
Change to the Configuration mode.
ip acl add 1 filter
Adds an IP ACL with the ID
1
and the name
filter
.
ip acl rule add 1 1 deny src 10.0.1.11
0.0.0.0 dst 10.0.1.158 0.0.0.0
Adds a rule to position
1
of the IP ACL with the ID
1
denying IP data packets from
10.0.1.11
to
10.0.1.158
.
ip acl rule add 1 2 permit src any any
dst any any
Adds a rule to position
2
of the IP ACL with the ID
1
admitting IP data packets.
show acl ip rules 1
Displays the rules of the IP ACL with the ID
1
.
ip acl add 2 filter2
Adds an IP ACL with the ID
2
and the name
filter2
.
ip acl rule add 2 1 deny src 10.0.1.13
0.0.0.0 dst 10.0.1.158 0.0.0.0
Adds a rule to position
1
of the IP ACL with the ID
2
denying IP data packets from
10.0.1.13
to
10.0.1.158
.
ip acl rule add 2 2 permit src any any
dst any any
Adds a rule to position
2
of the IP ACL with the ID
2
admitting IP data packets.
show acl ip rules 2
Displays the rules of the IP ACL with the ID
2
.
interface 1/1
Change to the interface configuration mode of
interface
1/1
.
acl ip assign 1 in 1
Assigns the IP ACL with the ID
1
to incoming data
packets (
in
) on interface
1/1
, with a priority of
1
(highest priority).
exit
Leaves the interface mode.
interface 1/3
Change to the interface configuration mode of
interface
1/3
.
acl ip assign 2 in 1
Assigns the IP ACL with the ID
2
to incoming data
packets (
in
) on interface
1/3
, with a priority of
1
(highest priority).
IP: 10.0.1.11/24
IP: 10.0.1.13/24
IP: 10.0.1.159/24
IP: 10.0.1.158/24
C
B
D
A
Port 1
Port 2
Port 3
Port 4
To Next Page
Loading...
