Configuring Ip Standard Acl Using Cli; Configuring Ip Extended Acl Using Cli - Motorola WS5100 Series Migration Giude

ACLs are identified by either a number or a name. Numbers are predefined for IP Standard and Extended
ACLs whereas name can be any valid alphanumeric string not exceeding 64 characters. In numbered ACLs,
the rule parameters have to be specified on the same command line along with the ACL identifier.
This section explains the following:
•

Configuring IP Standard ACL using CLI

•

Configuring IP Extended ACL using CLI

• Configuring MAC Extended ACL using CLI
10.4.1.1 Configuring IP Standard ACL using CLI
IP Standard ACLs contain rules based on Source IP Address. You can create either a Numbered IP Standard
ACL or a Named IP Standard IP Address.
Execute the following CLI commands to configure IP based standard ACL on WS5100 switch:
1. To configure numbered IP Standard ACL.
WS5100(config)#access-list 2 deny host 1.2.3.4 rule-precedence 10
WS5100(config)#access-list 3 deny host 1.2.3.4 rule-precedence 10
WS5100(config)#access-list 3 permit any rule-precedence 20
Valid numbers for numbered IP Standard ACLs are from 1-99 and 1300-1999. In the above CLI snippet ACL
3 denies host with IP 1.2.3.4 and allows all other hosts.
2. To configure named IP Standard ACL.
WS5100(config)#ip access-list standard ipst2
WS5100(config-std-nacl)#permit host 10.1.1.10 rule-precedence 30
WS5100(config-std-nacl)#deny any rule-precedence 20
10.4.1.2 Configuring IP Extended ACL using CLI
IP Extended ACLs contain rules based on the following parameters:
• Source IP address.
• Destination IP address.
• IP Protocol.
• Source Port–if protocol is TCP or UDP.
• Destination Port–if protocol is TCP or UDP.
• ICMP Type–if protocol is ICMP.
• ICMP Code–if protocol is ICMP.
IP protocol, Source IP and Destination IP are mandatory parameters.You can create either a Numbered IP
Extended ACL or a Named IP Extended IP Address.
Execute the following CLI commands to configure IP Extended ACL on WS5100 switch:
10-7
ACL