Configuring Ip Extended Acl - Motorola RFS6000 Reference Manual
Hide thumbs
Also See for RFS6000:
- Configuration manual (19 pages) ,
- Brochure (8 pages) ,
- Reference manual (1054 pages)
Table of Contents
Advertisement
14-32
Motorola RF Switch CLI Reference Guide
14.2 Configuring IP Extended ACL
IP Extended ACLs contain rules based on the following parameters:
• Source IP address
• Destination IP address
• IP Protocol
• Source Port–if protocol is TCP or UDP
• Destination Port–if protocol is TCP or UDP
• ICMP Type–if protocol is ICMP
• ICMP Code–if protocol is ICMP
IP protocol, Source IP and Destination IP are mandatory parameters.You can create either
a Numbered IP Extended ACL or a Named IP Extended IP Address.
Execute the following commands to configure an IP Extended ACL:
1. To configure a numbered IP Extended ACL:
RFSwitch(config)#access-list 2 deny ip host 1.2.3.4 any
rule-precedence 10
RFSwitch(config)#access-list 2 permit tcp any host
2.3.4.5 eq 80 rule-precedence 20
RFSwitch(config)#access-list 2 deny icmp any host 2.3.4.5
rule-precedence 30
2. To configure named IP Extended ACL:
RFSwitch(config)#ip access-list extended ipextacl
RFSwitch(config-ext-nacl)#deny ip host 1.2.3.4 any rule-
precedence 10
RFSwitch(config-ext-nacl)#permit tcp any host 2.3.4.5 eq
80 rule-precedence 20
RFSwitch(config-ext-nacl)#deny icmp any host 2.3.4.5
rule-precedence 30
- Quick Links:
- Cli Overview
Hide quick links:
Advertisement
Table of Contents
