Table of Contents
Advertisement
Security Configuration Command Set
Configuring Access Lists
14.3.12.3 access-list (extended)
Configuring extended access control lists (ACLs) is an advanced routing feature that must be
enabled with a license key. If you have purchased an advanced routing license and have enabled
routing on the device, you must activate your license as described in
enable the extended access list command set. If you wish to purchase an advanced routing
license, contact Enterasys Networks Sales.
Use this command to define an extended IP access list by number when operating in router mode.
Restrictions defined by an access list are applied by using the ip access-group command as
described in
Section
access-list access-list-number [insert | replace entry] | [log 1-5000 | all] [move
destination source1 [source2]] {deny | permit} protocol source [source-wildcard]
[operator [port]] destination [destination-wildcard] [operator [port]]
[tos-extensions][icmp-type [icmp-code] [established] [log]
To insert or replace an ACL entry:
access-list access-list-number insert | replace entry
To move entries within an ACL:
access-list access-list-number move destination source1 [source2]
To log entries within an ACL:
access-list access-list-number log 1-5000 | all
To apply ACL restrictions to IP, UDP, TCP or ICMP packets:
access-list access-list-number {deny | permit} protocol source [source-wildcard]
[operator [port]] destination [destination-wildcard] [operator [port]]
[tos-extensions][icmp-type [icmp-code] [established] [log]
NOTE: Valid access-list-numbers for extended ACLs are 100 to 199. For standard
ACLs, valid values are 1 to 99.
14-164 Matrix NSA Series Configuration Guide
* Advanced License Required *
14.3.12.4.
Section 13.2.1
in order to
Advertisement
Chapters
Table of Contents
