Table of Contents
Advertisement
HP Switch(config)# vlan 20 ip access-group My-List vlan
HP Switch(config)# vlan 20
HP Switch(vlan-20)# ip access-group 155 vlan
HP Switch(vlan-20)# exit
HP Switch(config)# no vlan 20 ip access-group My-List vlan
HP Switch(config)# vlan 20
HP Switch(vlan-20)# no ip access-group 155 vlan
HP Switch(vlan-20)# exit
Figure 10-21. Methods for Enabling and Disabling VACLs
Filtering Inbound IPv4 Traffic Per Port
For a given port, port list, or static port trunk, you can assign an ACL as a static
port ACL to filter any IPv4 traffic entering the switch on that interface. You
can also use the same ACL for assignment to multiple interfaces. For limits
and operating rules, refer to "IPv4 ACL Configuration and Operating Rules"
on page 10-32.
Syntax: [no] interface < port-list | Trkx > ip access-group < identifier > in
where: < identifier > = either a ACL name or an ACL ID number.
Assigns an ACL as a static port ACL to a port, port list, or
static trunk to filter any IPv4 traffic entering the switch on
that interface. You can use either the global configuration
level or the interface context level to assign or remove a
static port ACL.
Note: The switch allows you to assign a nonexistent ACL
name or number to an interface. In this case, if you
subsequently configure an ACL with that name or number,
it automatically becomes active on the assigned interface.
Also, if you delete an assigned ACL from the switch without
subsequently using the "no" form of this command to
remove the assignment to an interface, the ACL assignment
remains and will automatically activate any new ACL you
create with the same identifier (name or number).
IPv4 Access Control Lists (ACLs)
Adding or Removing an ACL Assignment On an Interface
Enables a VACL from the
Global Configuration
Level
Enables a VACL from a
VLAN Context.
Disables a VACL from the
Global Configuration
Level
Disables a VACL from a
VLAN Context.
10-83
Hide quick links:
Advertisement
Table of Contents
