Cisco Catalyst 2950 Software Configuration Manual page 453
Hide thumbs
Also See for Catalyst 2950:
- Configuration manual (710 pages) ,
- Command reference manual (686 pages) ,
- Software configuration manual (674 pages)
Table of Contents
Advertisement
Chapter 23
Configuring Network Security with ACLs
Beginning in privileged EXEC mode, follow these steps to create a standard access list using names:
Command
Step 1
configure terminal
Step 2
ip access-list standard {name |
access-list-number}
Step 3
deny {source source-wildcard | host source |
any}
or
permit {source source-wildcard | host source |
any}
Step 4
end
Step 5
show access-lists [number | name]
Step 6
copy running-config startup-config
Beginning in privileged EXEC mode, follow these steps to create an extended ACL using names:
Command
Step 1
configure terminal
Step 2
ip access-list extended {name |
access-list-number}
Step 3
{deny | permit} protocol
{source source-wildcard | host source | any }
[operator port] {destination
destination-wildcard | host destination | any}
[operator port]
Step 4
end
Step 5
show access-lists [number | name]
Step 6
copy running-config startup-config
78-11380-04
Purpose
Enter global configuration mode.
Define a standard IP access list using a name, and enter access-list
configuration mode.
Note
The name can be a number from 1 to 99.
In access-list configuration mode, specify one or more conditions
denied or permitted to determine if the packet is forwarded or
dropped.
•
host source represents a source and source wildcard of source
0.0.0.0.
•
any represents a source and source wildcard of 0.0.0.0
255.255.255.255.
Note
The log option is not supported on Catalyst 2950 switches.
Return to privileged EXEC mode.
Show the access list configuration.
(Optional) Save your entries in the configuration file.
Purpose
Enter global configuration mode.
Define an extended IP access list by using a name, and enter
access-list configuration mode.
The name can be a number from 100 to 199.
Note
In access-list configuration mode, specify the conditions allowed
or denied.
See the
"Creating a Numbered Extended ACL" section on
page 23-9
for definitions of protocols and other keywords.
•
host source represents a source and source wildcard of source
0.0.0.0, and host destination represents a destination and
destination wildcard of destination 0.0.0.0.
any represents a source and source wildcard or destination and
•
destination wildcard of 0.0.0.0 255.255.255.255.
Return to privileged EXEC mode.
Show the access list configuration.
(Optional) Save your entries in the configuration file.
Catalyst 2950 Desktop Switch Software Configuration Guide
Configuring ACLs
23-13
Advertisement
Table of Contents
Troubleshooting
