Deleting Ip-Acls; Reading The Ip-Acl Log Dump - Cisco AP775A - Nexus Converged Network Switch 5010 Configuration Manual

Fabric manager configuration guide, release 4.x

Hide thumbs Also See for AP775A - Nexus Converged Network Switch 5010:

Reference (886 pages)

Command reference manual (792 pages)

Configuration manual (760 pages)

Table of Contents

Configuring IPv4 and IPv6 Access Control Lists

S e n d d o c u m e n t a t i o n c o m m e n t s t o m d s f e e d b a c k - d o c @ c i s c o . c o m

Click the IP-ACL you want to modify and click Rules.

You see the list of IP filters associated with this IP-ACL (see

Select the filter that you want to delete and click Delete to delete that IP filter.

Deleting IP-ACLs

You must delete the association between the IP-ACL and interfaces before deleting the IP-ACL.

To delete an IP-ACL using Fabric Manager, follow these steps:

Expand Switches > Security and then select IP ACL from the Physical Attributes pane.

You see the IP-ACL configuration in the Information pane.

Click the Profiles tab.

You see a list of switches, ACLs, and profile names.

Select the row you want to delete. To delete multiple rows, hold down the Shift key while selecting rows.

Click Delete Row. The IP-ACLs are deleted.

Use the LogEnabled check box option during IP filter creation to log information about packets that

match this filter. The log output displays the ACL number, permit or deny status, and port information.

For the input ACL, the log displays the raw MAC information. The keyword "MAC=" does not refer to

showing an Ethernet MAC frame with MAC address information. It refers to the Layer 2 MAC-layer

information dumped to the log. For the output ACL, the raw Layer 2 information is not logged.

The following example is an input ACL log dump:

Jul 17 20:38:44 excal-2

%KERN-7-SYSTEM_MSG:

%IPACL-7-DENY:IN=vsan1 OUT=

MAC=10:00:00:05:30:00:47:df:10:00:00:05:30:00:8a:1f:aa:aa:03:00:00:00:08:00:45:00:00:54:00

:00:40:00:40:01:0e:86:0b:0b:0b:0c:0b:0b:0b:02:08:00:ff:9c:01:15:05:00:6f:09:17:3f:80:02:01

:00:08:09:0a:0b:0c:0d:0e:0f:10:11:12:13:14:15:16:17:18:19:1a:1b:1c:1d:1e:1f:20:21:22:23:24

:25:26:27:28:29:2a:2b SRC=11.11.11.12 DST=11.11.11.2 LEN=84 TOS=0x00 PREC=0x00 TTL=64 ID=0

DF PROTO=ICMP TYPE=8 CODE=0 ID=277 SEQ=1280

The following example is an output ACL log dump:

Jul 17 20:38:44 excal-2

%KERN-7-SYSTEM_MSG:

%IPACL-7-DENY:IN= OUT=vsan1 SRC=11.11.11.2 DST=11.11.11.12 LEN=84 TOS=0x00 PREC=0x00

TTL=255 ID=38095 PROTO=ICMP TYPE=0 CODE=0 ID=277 SEQ=1280

OL-17256-03, Cisco MDS NX-OS Release 4.x

Cisco MDS 9000 Family Fabric Manager Configuration Guide

Reading the IP-ACL Log Dump

Show Quick Links

Table of Contents

Troubleshooting

Deleting Ip-Acls; Reading The Ip-Acl Log Dump - Cisco AP775A - Nexus Converged Network Switch 5010 Configuration Manual

Deleting IP-ACLs

Reading the IP-ACL Log Dump

Hide quick links:

Troubleshooting

Related Manuals for Cisco AP775A - Nexus Converged Network Switch 5010

Related Content for Cisco AP775A - Nexus Converged Network Switch 5010

This manual is also suitable for:

Table of Contents