Dell PowerConnect B-RX Configuration Manual page 604
Bigiron rx series supporting multi-service ironware v02.7.03
Hide thumbs
Also See for PowerConnect B-RX:
- Configuration manual (1458 pages) ,
- Getting started manual (32 pages) ,
- Installation manual (240 pages)
Table of Contents
Advertisement
21
Configuring numbered and named ACLs
The following examples show how to configure a named standard ACL entry and a named extended
ACL entry.
Configuration example for standard ACL
To configure a named standard ACL entry, enter commands such as the following.
BigIron RX(config)# ip access-list standard Net1
BigIron RX(config-std-nacl)# deny host 209.157.22.26 log
BigIron RX(config-std-nacl)# deny 209.157.29.12 log
BigIron RX(config-std-nacl)# deny host IPHost1 log
BigIron RX(config-std-nacl)# exit
BigIron RX(config)# int eth 1/1
BigIron RX(config-if-e10000-1/1)# ip access-group Net1 in
The commands in this example configure a standard ACL named "Net1". The entries in this ACL
deny packets from three source IP addresses from being forwarded on port 1/1. Since the implicit
action for an ACL is "deny", the last ACL entry in this ACL permits all packets that are not explicitly
denied by the first three ACL entries. For an example of how to configure the same entries in a
numbered ACL, refer to
Notice that the command prompt changes after you enter the ACL type and name. The "std" in the
command prompt indicates that you are configuring entries for a standard ACL. For an extended
ACL, this part of the command prompt is "ext". The "nacl" indicates that are configuring a named
ACL.
Syntax: ip access-list standard <string> | <num>
Syntax: [no] ip access-list standard <string> | <num> deny | permit <source-ip> | <hostname>
or
Syntax: [no] ip access-list standard <string> | <num> deny | permit <source-ip>/<mask-bits> |
Syntax: [no] ip access-list standard <string> | <num> deny | permit host <source-ip> |
Syntax: [no] ip access-list standard <string> | <num> deny | permit any [log]
Syntax: [no] ip access-group <num> in
The standard parameter indicates the ACL type.
The 16 x 10 GE module only supports the following standard named ACLs.
Syntax: [no] ip access-list standard <string> | <num> deny | permit <source-ip> |
The <string> parameter is the ACL name. You can specify a string of up to 255 alphanumeric
characters. You can use blanks in the ACL name if you enclose the name in quotation marks (for
example, "ACL for Net1"). The <num> parameter allows you to specify an ACL number if you prefer.
If you specify a number, you can specify from 1 – 99 for standard ACLs or 100 – 199 for extended
ACLs.
532
"Configuring standard numbered ACLs"
<wildcard> [log]
<hostname> [log]
<hostname> [log]
<hostname> | <source-ip>/mask-bits> | <hostname><wildcards> [log]
on page 521.
BigIron RX Series Configuration Guide
53-1001986-01
Advertisement
Chapters
Table of Contents
