Cisco Catalyst 3750-X Software Configuration Manual page 846
Hide thumbs
Also See for Catalyst 3750-X:
- Command reference manual (1244 pages) ,
- Message manual (150 pages) ,
- Getting started manual (22 pages)
Table of Contents
Advertisement
Configuring IPv4 ACLs
Beginning in privileged EXEC mode, follow these steps to create a standard ACL using names:
Command
Step 1
configure terminal
Step 2
ip access-list standard name
deny {source [source-wildcard] | host source |
Step 3
any} [log]
or
permit {source [source-wildcard] | host source
| any} [log]
Step 4
end
show access-lists [number | name]
Step 5
Step 6
copy running-config startup-config
To remove a named standard ACL, use the no ip access-list standard name global configuration
command.
Beginning in privileged EXEC mode, follow these steps to create an extended ACL using names:
Command
Step 1
configure terminal
Step 2
ip access-list extended name
{deny | permit} protocol {source
Step 3
[source-wildcard] | host source | any}
{destination [destination-wildcard] | host
destination | any} [precedence precedence]
[tos tos] [established] [log] [time-range
time-range-name]
Step 4
end
show access-lists [number | name]
Step 5
Step 6
copy running-config startup-config
To remove a named extended ACL, use the no ip access-list extended name global configuration
command.
Catalyst 3750-X and 3560-X Switch Software Configuration Guide
37-16
Chapter 37
Purpose
Enter global configuration mode.
Define a standard IPv4 access list using a name, and enter
access-list configuration mode.
The name can be a number from 1 to 99.
In access-list configuration mode, specify one or more conditions
denied or permitted to decide if the packet is forwarded or dropped.
host source—A source and source wildcard of source 0.0.0.0.
•
any—A source and source wildcard of 0.0.0.0
•
255.255.255.255.
Return to privileged EXEC mode.
Show the access list configuration.
(Optional) Save your entries in the configuration file.
Purpose
Enter global configuration mode.
Define an extended IPv4 access list using a name, and enter
access-list configuration mode.
The name can be a number from 100 to 199.
In access-list configuration mode, specify the conditions allowed
or denied. Use the log keyword to get access list logging messages,
including violations.
See the
"Creating a Numbered Extended ACL" section on
page 37-11
for definitions of protocols and other keywords.
host source—A source and source wildcard of source 0.0.0.0.
•
host destination—A destination and destination wildcard of
•
destination 0.0.0.0.
any—A source and source wildcard or destination and
•
destination wildcard of 0.0.0.0 255.255.255.255.
Return to privileged EXEC mode.
Show the access list configuration.
(Optional) Save your entries in the configuration file.
Configuring Network Security with ACLs
OL-21521-01
- Quick Links:
- Table of Contents
- Deployment Features
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
