Security and authentication
11.4 IP access control list
SCALANCE XM-400/XR-500 Command Line Interface (CLI)
710 Configuration Manual, 11/2015, C79000-G8976-C252-10
ip access-group
Description
With this command, you enable the access control of the packets of an interface.
● An IP access list has been created.
● You are in the Interface configuration mode
.The command prompt is:
cli(config-if-$$$)#
Call up the command with the following parameters:
ip access
-group <access
-list-number(1-128)> {in|out}
The parameters have the following meaning:
Number of the access control list
Specifies that incoming packets are
filtered
-
Specifies that outgoing packets are
-
Note
Restrictions when filtering layer 2 interfaces
The filtering of outgoing packets is not supported on layer 2 interfaces.
Filtering on a layer 2 interface using an IP access control list is only effective for
IP packets.
To filter packets with other data formats, use an expanded MAC access control list.
The packets are filtered according to the access control list (ACL).
You disable the setting with the no ip access-group command.
You display the configuration of the access control list with the
show access-lists command.
To Next Page
Loading...
Need help?
General