Note
Subnet mask for individual hosts
If you create the rule for a single system (one IP address), you will need to specify a 32-Bit
long subnet mask. This is then "255.255.255.255". As an alternative, you can specify the
keyword "host" followed by the IP address.
Further notes
You delete an IP access control list with the
command.
You display the configuration of the access control list with the
11.4.3.3
permit icmp
Description
With this command, you configure an IP access control list for ICMP messages.
You have the following options:
● All incoming and/or outgoing ICMP messages are forwarded.
● Incoming and/or outgoing ICMP messages of a specific host are forwarded.
● Incoming and/or outgoing ICMP messages of hosts of a specific subnet are forwarded.
Note
Processing order of the lists
The access control lists are processed on the interface in the order in which they were
created.
The index number of the access control list is not used for this.
Requirement
You are in the ACL standard configuration mode.
The command prompt is as follows:
cli(config-std-nacl)#
SCALANCE XM-400/XR-500 Command Line Interface
Configuration Manual, 05/2014, C79000-G8976-C252-07
Security and authentication
no ip access-list standard <acl-num>
show access-lists
11.4 IP access control list
command.
503