Cisco WS-C6506 Software Manual page 475

Chapter 15 Configuring Access Control
Example 4
This example shows that a merge failure occurs when mapping an ACL to a port. In this case, the
configuration is not saved.
Console> (enable) set port security-acl 3/1 merge
ACL interface is set to merge for port(s) 3/1.
Console> (enable) set security acl map ipacl1 3/1
Mapping in progress.
2003 Oct 01 19:44:31 %ACL-3-PACLMAPCOMMITFAIL:Failed to Map Security ACL ipacl1 to Port
3/15
Failed to attach ACL ipacl1 to port(s) 3/1.
Console> (enable) show security acl map config 3/1
Port
----- -------------------------------- ----
No ACL is mapped to port 3/1.
Console> (enable) show security acl map runtime 3/1
Port
----- -------------------------------- ----
No ACL is mapped to port 3/1.
Console> (enable)
Example 5
This example shows that you cannot change the mode if a failure occurs when changing port-based mode
to merge mode:
Console> (enable) set port security-acl 3/1 port-based
ACL interface is set to port-based for port(s) 3/1.
Console> (enable) set security acl map ipacl1 3/1
ACL ipacl1 is successfully mapped to port 3/1.
Console> (enable) show security acl map config 3/1
Port
----- -------------------------------- ----
3/1
Console> (enable) show security acl map runtime 3/1
Port
----- -------------------------------- ----
3/1
Console> (enable) set port security-acl 3/1 merge
Failed to set interface to merge mode for port(s) 3/1.
2003 Oct 01 19:53:01 %ACL-3-TCAMFULL:Acl engine TCAM table is full
Console> (enable)
OL-8978-04
ACL name
ACL name
ACL name
ipacl1
ACL name
ipacl1
Type
Type
Type
IP
Type
IP
Catalyst 6500 Series Switch Software Configuration Guide—Release 8.7
Configuring Port-Based ACLs
15-79