Chapter 15
Configuring Access Control
set security acl ip ip1 permit arp
set security acl ip ip1 redirect
set security acl ip ip1 redirect
set security acl ip ip1 redirect
set security acl ip ip1 redirect
set security acl ip ip1 permit ip any any
#ip2
set security acl ip ip2 permit arp
set security acl ip ip2 redirect
set security acl ip ip2 redirect
set security acl ip ip2 redirect
set security acl ip ip2 redirect
set security acl ip ip2 permit ip any any
#pbf set
set pbf mac 00-11-22-33-44-55
#
commit security acl all
set security acl map ip1 1
set security acl map ip2 2
This example shows how to display the MAC addresses that were learned by the switch for port 6/17 on
VLAN 1:
Console> (enable) show cam dynamic 6/17
* = Static Entry. + = Permanent Entry. # = System Entry. R = Router Entry.
X = Port Security Entry $ = Dot1x Security Entry
VLAN
----
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
1
Total Matching CAM Entries Displayed for 6/17 = 16 for port 6/9, vlan 2
OL-8978-04
Dest MAC/Route Des
[CoS]
------------------
-----
00-20-20-20-20-23
00-20-20-20-20-22
00-20-20-20-20-21
00-20-20-20-20-20
00-20-20-20-20-27
00-20-20-20-20-26
00-20-20-20-20-25
00-20-20-20-20-24
00-20-20-20-20-2b
00-20-20-20-20-2a
00-20-20-20-20-29
00-20-20-20-20-28
00-20-20-20-20-2f
00-20-20-20-20-2e
00-20-20-20-20-2d
00-20-20-20-20-2c
a_1
ip host 44.0.0.1 host 43.0.0.1
a_2
ip host 44.0.0.2 host 43.0.0.2
a_3
ip host 44.0.0.3 host 43.0.0.3
a_4
ip host 44.0.0.4 host 43.0.0.4
b_1
ip host 43.0.0.1 host 44.0.0.1
b_2
ip host 43.0.0.2 host 44.0.0.2
b_3
ip host 43.0.0.3 host 44.0.0.3
b_4
ip host 43.0.0.4 host 44.0.0.4
Destination Ports or VCs / [Protocol Type]
-------------------------------------------
6/17 [ALL]
6/17 [ALL]
6/17 [ALL]
6/17 [ALL]
6/17 [ALL]
6/17 [ALL]
6/17 [ALL]
6/17 [ALL]
6/17 [ALL]
6/17 [ALL]
6/17 [ALL]
6/17 [ALL]
6/17 [ALL]
6/17 [ALL]
6/17 [ALL]
6/17 [ALL]
Catalyst 6500 Series Switch Software Configuration Guide—Release 8.7
Configuring Policy-Based Forwarding
15-101