ACL Configuration Examples
ACL Example 1
1. Configure an Access Control List.
2. Add ACL 1 to port EXT1.
ACL Example 2
1. Configure an Access Control List.
2. Add ACL 2 to port EXT2.
130
CN4093 Application Guide for N/OS 8.4
Use this configuration to block traffic to a specific host. All traffic that ingresses on
port EXT1 is denied if it is destined for the host at IP address 100.10.1.1.
CN 4093(config)# access-control list 1 ipv4 destination-ip-address
100.10.1.1
CN 4093(config)# access-control list 1 action deny
CN 4093(config)# interface port EXT1
CN 4093(config-if)# access-control list 1
CN 4093(config-if)# exit
Use this configuration to block traffic from a network destined for a specific host
address. All traffic that ingresses in port EXT2 with source IP from class
100.10.1.0/24 and destination IP 200.20.2.2 is denied.
CN 4093(config)# access-control list 2 ipv4 source-ip-address 100.10.1.0
255.255.255.0
CN 4093(config)# access-control list 2 ipv4 destination-ip-address
200.20.2.2 255.255.255.255
CN 4093(config)# access-control list 2 action deny
CN 4093(config)# interface port EXT2
CN 4093(config-if)# access-control list 2
CN 4093(config-if)# exit