Cisco WS-X6066-SLB-APC - Content Switching Module Software Manual page 330

Catalyst 6000 series software configuration guide

Hide thumbs Also See for WS-X6066-SLB-APC - Content Switching Module:

Installation note (28 pages)

Table of Contents

Configuring VACLs

Creating a Non-IP Version 4/Non-IPX VACL (MAC VACL) and Adding ACEs

IP traffic and IPX traffic are not access controlled by MAC VACLs. All other traffic types

(AppleTalk, DECnet, and so on) are classified as MAC traffic and MAC VACLs are used to access

control this traffic.

To create a new non-IP version 4/non-IPX VACL and add ACEs, or to add ACEs to an existing non-IP

version 4/non-IPX VACL, perform this task in privileged mode:

Create a new non-IP

version 4/non-IPX VACL and add

ACEs, or add ACEs to an existing

non-IP version 4/non-IPX VACL.

This example shows how to create an ACE for MACACL1 to block all traffic from 8-2-3-4-7-A:

Console> (enable) set security acl mac MACACL1 deny host 8-2-3-4-7-A any

MACACL1 editbuffer modified. Use 'commit' command to apply changes.

Console> (enable)

This example shows how to create an ACE for MACACL1 to block all traffic to A-B-C-D-1-2:

Console> (enable) set security acl mac MACACL1 deny any host A-B-C-D-1-2

MACACL1 editbuffer modified. Use 'commit' command to apply changes.

Console> (enable)

This example shows how to create an ACE for MACACL1 to allow traffic from all sources:

Console> (enable) set security acl mac MACACL1 permit any any

MACACL1 editbuffer modified. Use 'commit' command to apply changes.

Console> (enable)

This example shows how to display the contents of the edit buffer:

Console> (enable) show security acl info MACACL1 editbuffer

set security acl mac MACACL1

-----------------------------------------------------------------

1. deny 8-2-3-4-7-A any

2. deny any A-B-C-D-1-2

3. permit any any

Console> (enable)

For more information about the show security acl info command, see the

a VACL" section on page

This example shows how to commit the ACEs to NVRAM:

Console> (enable) commit security acl all

ACL commit in progress.

ACL MACACL1 is committed to hardware.

Console> (enable)

Catalyst 6000 Family Software Configuration Guide—Releases 6.3 and 6.4

set security acl mac {acl_name} {permit | deny}

{src_mac_addr_spec} {dest_mac_addr_spec} [ether-type]

[capture] [before editbuffer_index | modify

editbuffer_index]

Configuring Access Control

"Showing the Contents of

Show Quick Links

Table of Contents

Troubleshooting

Cisco WS-X6066-SLB-APC - Content Switching Module Software Manual page 330

Hide quick links:

Troubleshooting

Related Manuals for Cisco WS-X6066-SLB-APC - Content Switching Module

Related Products for Cisco WS-X6066-SLB-APC - Content Switching Module

This manual is also suitable for:

Table of Contents