A.B.C.D
Usage Guidelines
Use an AAA login to determine whether management user authentication must be
performed against a local user database or an external RADIUS server
5.1.2 access-list
Global Configuration Commands
Adds an access list entry. Use the access list command (under global configuration) to
configure the access list mechanism for filtering frames by protocol type or vendor code
Syntax
access-list
For Standard IP ACL's:
access-list (<1-99>|<1300-1999>) (deny|permit|mark (8021p <0-7> | tos
<0-255>))(A.B.C.D/M | host A.B.C.D | any)(log) (rule-precedence <1-
5000>)
For Extended IP ACL's:
access-list (<100-199>|<2000-2699>) {deny | permit | mark {dot1p <0-
7> | tos <0-255>}} {ip} {source/source-mask | host source | any }
{destination/destination-mask | host destination | any } [log] [rule-
precedence access-list-entry precedence]
access-list (<100-199>|<2000-2699>) {deny | permit | mark {dot1p <0-
7> | tos <0-255>}} {icmp} {source/source-mask | host source | any}
{destination/ destination-mask | host destination | any} [icmp-type |
[icmp-type icmp-code]] [log] [rule-precedence access-list-entry
precedence]
access-list (<100-199>|<2000-2699>) {deny | permit | mark {dot1p <0-
7> | tos <0-255>}} {tcp|udp} {source/source-mask | host source | any}
[operator source-port] {destination/destination-mask | host
destination | any} [operator destination-port] [log]
[rule-precedence |access-list-entry precedence]
IP address
Global Configuration Commands
5-5