Cisco Nexus 9000 Series Configuration Manual page 287

NX-OS Security Configuration Guide, Release 9.x
Configuring IP ACLs
Applying an IP ACL as a Port ACL

Note
If the interface is configured with the mac packet-classify command, you cannot apply an IP port ACL to the interface until you remove the mac packet-classify command from the interface configuration.

Before you begin
Ensure that the ACL you want to apply exists and that it is configured to filter traffic in the manner that you need for this application.

SUMMARY STEPS
1. configure terminal
2. Enter one of the following commands:
• interface ethernet slot/port
• interface port-channel channel-number
3. Enter one of the following commands:
• ip port access-group access-list in
• ipv6 port traffic-filter access-list in
4. (Optional) show running-config aclmgr
5. (Optional) copy running-config startup-config

DETAILED STEPS

Step 1
Command or Action:
configure terminal
Example:
switch# configure terminal
switch(config)#
Purpose:
Enters global configuration mode.

Step 2
Command or Action:
Enter one of the following commands:
• interface ethernet slot/port
• interface port-channel channel-number
Example:
switch(config)# interface ethernet 2/3
switch(config-if)#
Purpose:
Enters configuration mode for the interface type that you specified.

Step 3
Command or Action:
Enter one of the following commands:
• ip port access-group access-list in
• ipv6 port traffic-filter access-list in
Example:
switch(config-if)# ip port access-group acl-l2-marketing-group in
Purpose:
Applies an IPv4 or IPv6 ACL to the interface or port channel. Only inbound filtering is supported with port ACLs. You can apply one port ACL to an interface.
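
The conditions this procedure states (the ACL must exist, port ACLs filter inbound only, and mac packet-classify blocks IP port ACLs) can be checked against a candidate configuration before it is applied. The Python check below is an added example, not part of the Cisco guide: the sample configuration is constructed, the function name is hypothetical, and it assumes ACLs are defined with "ip access-list NAME" or "ipv6 access-list NAME" lines.

```python
import re

# Constructed candidate configuration (sample input, not taken from the guide).
CANDIDATE = """\
ip access-list acl-l2-marketing-group
  10 permit ip any any
interface Ethernet2/3
  ip port access-group acl-l2-marketing-group in
interface Ethernet2/4
  mac packet-classify
  ip port access-group acl-l2-marketing-group in
interface port-channel10
  ipv6 port traffic-filter acl-v6-missing in
interface Ethernet2/5
  ip port access-group acl-l2-marketing-group out
"""

# Assumption: ACL definitions appear as top-level "ip|ipv6 access-list NAME" lines.
ACL_DEF = re.compile(r"^(ip|ipv6) access-list (\S+)\s*$")
PORT_ACL = re.compile(r"^\s+(ip port access-group|ipv6 port traffic-filter) (\S+)(?: (\S+))?\s*$")
IFACE = re.compile(r"^interface (\S+)\s*$")

def check_port_acls(config: str) -> list[tuple[str, str]]:
    """Return (interface, problem) pairs for port-ACL lines that break the stated rules."""
    lines = config.splitlines()
    defined = {(m.group(1), m.group(2)) for ln in lines if (m := ACL_DEF.match(ln))}
    findings, iface, classify, applied = [], None, False, []

    def flush():  # evaluate the interface block that just ended
        for family, name, direction in applied:
            if classify:
                findings.append((iface, f"mac packet-classify blocks IP port ACL {name}"))
            if direction != "in":
                findings.append((iface, f"port ACL {name} must be applied inbound ('in')"))
            if (family, name) not in defined:
                findings.append((iface, f"{family} ACL {name} is not defined"))

    for line in lines:
        if not line.startswith((" ", "\t")):  # a top-level line ends the interface block
            flush()
            m = IFACE.match(line)
            iface, classify, applied = (m.group(1) if m else None), False, []
        elif iface and line.strip() == "mac packet-classify":
            classify = True
        elif iface and (m := PORT_ACL.match(line)):
            family = "ip" if m.group(1).startswith("ip ") else "ipv6"
            applied.append((family, m.group(2), m.group(3)))
    flush()
    return findings
```

On the constructed sample, Ethernet2/3 passes and the other three interfaces are each reported once.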