Table of Contents
Advertisement
Access Policies
Table 32: Access Control List Configuration Commands (continued)
Command
delete access-list <name>
delete access-mask <name>
delete rate-limit <name>
show access-list {<name> | ports <portlist>}
show access-mask {<name>}
show rate-limit {<name> | ports <portlist>}
Access Control List Examples
This section presents three access control list examples:
• Using the permit-establish keyword
• Filtering ICMP packets
• Using a rate limit
Using the Permit-Established Keyword
This example uses an access list that permits TCP sessions (Telnet, FTP, and HTTP) to be established in
one direction.
The switch, shown in Figure 16, is configured as follows:
• Two VLANs, NET10 VLAN and NET20 VLAN, are defined.
• The NET10 VLAN is connected to port 2 and the NET20 VLAN is connected to port 10
• The IP addresses for NET10 VLAN is 10.10.10.1/24.
• The IP address for NET20 VLAN is 10.10.20.1/24.
• The workstations are configured using addresses 10.10.10.100 and 10.10.20.100.
• IPForwarding is enabled.
Figure 16: Permit-established access list example topology
10.10.10.1
10.10.10.100
NET10 VLAN
The following sections describe the steps used to configure the example.
124
Description
Deletes an access list.
Deletes an access mask. Any access lists or rate
limits that reference this mask must first be
deleted.
Deletes a rate limit.
Displays access-list information.
Displays access-list information.
Displays access-list information.
10.10.20.1
NET20 VLAN
10.10.20.100
LC24008
Summit 200 Series Switch Installation and User Guide
- Quick Links:
- Connecting Equipment to the Console Port
Hide quick links:
Advertisement
Table of Contents
