Cisco WS-X6066-SLB-APC - Content Switching Module Software Manual page 331

Chapter 16 Configuring Access Control
For more information about the commit security acl all command, see the
Note
section on page
Enter the show security acl info MACACL1 command to verify that the changes were committed. If
this VACL has not been mapped to a VLAN, enter the set security acl map command to map it to a
VLAN.
Committing ACLs
You can commit all ACLs or a specific ACL to NVRAM with the commit command. Any committed
ACL with no ACEs will be deleted.
To commit an ACL to NVRAM, perform this task in privileged mode:
Task
Commit an ACL to NVRAM.
This example shows how to commit a specific security ACL to NVRAM:
Console> (enable) commit security acl IPACL2
ACL commit in progress.
ACL IPACL2 is committed to hardware.
Console> (enable)
Mapping a VACL to a VLAN
You can map a VACL to a VLAN with the set security acl map command. Note that there is no default
ACL-to-VLAN mapping; all VACLs need to be mapped to a VLAN.
To map a VACL to a VLAN, perform this task in privileged mode:
Task
Map a VACL to a VLAN.
This example shows how to map IPACL1 to VLAN 10:
Console> (enable) set security acl map IPACL1 10
ACL IPACL1 mapped to vlan 10
Console> (enable)
This example shows the output if you try to map an ACL that has not been committed:
Console> (enable) set security acl map IPACL1 10
Commit ACL IPACL1 before mapping.
Console> (enable)
78-13315-02
16-35.
Catalyst 6000 Family Software Configuration Guide—Releases 6.3 and 6.4
Command
commit security acl acl_name | all
Command
set security acl map acl_name vlans
Configuring VACLs
"Committing ACLs"
16-35