Access Control Lists (ACLs) for the Series 5300xl Switches
Editing ACLs and Creating an ACL Offline
Display All ACLs and Their Assignments in the Switch
Startup-Config File and Running-Config File
The show config and show running commands include in their listings any
configured ACLs and any ACL assignments to VLANs. Refer to figure 9-11
(page 9-36) and figure 9-12 (page 9-37) for examples. Remember that show
config lists the startup-config file and show running lists the running-config file.
Editing ACLs and Creating an ACL
Offline
Earlier sections of this chapter describe how to use the CLI to create an ACL.
Beginning with “Using the CLI To Edit ACLs”, below, describes how to use the
CLI to edit existing ACLs. However, you can also create or edit an ACL offline,
then use a TFTP server to upload the ACL as a command file. The offline
method (page
9-56) provides a useful alternative to using the CLI for creating
or editing large ACLs.
Using the CLI To Edit ACLs
The switch applies individual ACEs in the order in which they occur in an ACL.
You can use the CLI to delete individual ACEs from anywhere in an ACL and
to append new ACEs to the end of an ACL. However, the CLI method does not
allow you to insert a new ACE between two existing ACEs.
Using the CLI To Edit a Short ACL. To insert a new ACE between exist-
ing ACEs in a short ACL, you may want to delete the ACL and then re-configure
it by entering your updated list of ACEs in the correct order.
Using the CLI to Edit a Longer ACL. To insert a new ACE between exist-
ing ACEs in a longer ACL:
a. Delete the first ACE that is out of sequence and all following ACEs
through the end of the ACL.
b. Re-Enter the desired ACEs in the correct sequence.
9-53
To Next Page
Loading...
