Consolidated Platform Configuration Guide, Cisco Ios Release 15.2(4)E (Catalyst 2960-X Switches - Cisco Catalyst 2960 series Configuration Manual
Consolidated platform configuration guide, ios release 15.2(4)e
Hide thumbs
Also See for Catalyst 2960 series:
- Software configuration manual (980 pages) ,
- Command reference manual (800 pages) ,
- Configuration manual (120 pages)
Table of Contents
Advertisement
How to Configure ACLs
SUMMARY STEPS
1. enable
2. show ip access-lists access-list-name
3. configure terminal
4. ip access-list extended access-list-name
5. no [sequence-number] permit protocol source source-wildcard destination destination-wildcard[option
option-name] [precedence precedence][tos tos] [log] [time-range time-range-name] [fragments]
6. [sequence-number] permit protocol source source-wildcard[operator port[port]] destination
destination-wildcard[operator port[port]] [option option-name] [precedence precedence][tos tos] [log]
[time-range time-range-name] [fragments]
7. Repeat Steps 5 and 6 as necessary, adding permit or deny statements to consolidate access list entries
where possible. Use the no sequence-number command to delete an entry.
8. end
9. show ip access-lists access-list-name
DETAILED STEPS
Command or Action
Step 1
enable
Example:
Device> enable
Step 2
show ip access-lists access-list-name
Example:
Device# show ip access-lists mylist1
Step 3
configure terminal
Example:
Device# configure terminal
Step 4
ip access-list extended access-list-name
Example:
Device(config)# ip access-list extended mylist1
Step 5
no [sequence-number] permit protocol source
source-wildcard destination destination-wildcard[option
option-name] [precedence precedence][tos tos] [log]
[time-range time-range-name] [fragments]
Example:
Device(config-ext-nacl)# no 10
Consolidated Platform Configuration Guide, Cisco IOS Release 15.2(4)E (Catalyst 2960-X Switches)
1194
Purpose
Enables privileged EXEC mode.
• Enter your password if prompted.
(Optional) Displays the contents of the IP access list.
• Review the output to see if you can consolidate any
access list entries.
Enters global configuration mode.
Specifies the IP access list by name and enters named access
list configuration mode.
Removes the redundant access list entry that can be
consolidated.
• Repeat this step to remove entries to be consolidated
because only the port numbers differ.
• After this step is repeated to remove the access list
entries 20, 30, and 40, for example, those entries are
removed because they will be consolidated into one
permit statement.
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
