Using ACL Filters 57
Chapter 5: Quality of Service
3. Verify the configuration.
ex2500# show access-lists 1
Standard IP Access List 1
----------------------------
Source IP address : 0.0.0.0
Source IP address mask : 0.0.0.0
Destination IP address : 100.10.1.1
Destination IP address mask : 255.255.255.255
In Port List : 1
Filter Action : Deny
Status : InActive
ACL Example 2—Blocking Traffic from a Source to a Destination
Use this configuration to block traffic from a network destined for a specific host
address. All traffic that ingresses port 10 with source IP from the class
100.10.1.0/24 and destination IP 200.20.2.2 is denied.
1. Configure an Access Control List.
ex2500(config)# access-list ip 160 standard
ex2500(config-std-nacl)# deny 100.10.1.0 255.255.255.0 host 200.20.2.2
ex2500(config-std-nacl)# exit
2. Assign the ACL to port 10.
ex2500(config)# interface port 10
ex2500(config-if)# ip access-group 160 in
ex2500(config-if)# exit
ACL Example 3—Blocking HTTP Traffic
Use this configuration to block HTTP traffic on a port.
1. Configure an Access Control List.
ex2500(config)# access-list ip 170 extended
ex2500(config-ext-nacl)# deny tcp any any eq 80
ex2500(config-ext-nacl)# exit
2. Add the ACL to a port.
ex2500(config)# interface port 12
ex2500(config-if)# ip access-group 170 in
ex2500(config-if)# exit
To Next Page
Loading...
