Table of Contents
Advertisement
Command Attributes
• Port – Fixed port or SFP module. (Range: 1-10)
• IP – Specifies the IP ACL to bind to a port.
• MAC – Specifies the MAC ACL to bind to a port.
• IN – ACL for ingress packets.
Web – Click Security, ACL, Port Binding. Click Edit to open the configuration page
for the ACL type. Mark the Enable field for the port you want to bind to an ACL for
ingress or egress traffic, select the required ACL from the drop-down list, then click
Apply.
CLI – This example assigns an IP access list to port 1, and an IP access list to
port 3.
Console(config)#interface ethernet 1/1
Console(config-if)#ip access-group david in
Console(config-if)#exit
Console(config)#interface ethernet 1/3
Console(config-if)#ip access-group david in
Console(config-if)#
Filtering IP Addresses for Management Access
You can create a list of up to 16 IP addresses or IP address groups that are allowed
management access to the switch through the web interface, SNMP, or Telnet.
Command Usage
• The management interfaces are open to all IP addresses by default. Once you add
an entry to a filter list, access to that interface is restricted to the specified
addresses.
• If anyone tries to access a management interface on the switch from an invalid
address, the switch will reject the connection, enter an event message in the
system log, and send a trap message to the trap manager.
• IP address can be configured for SNMP, web and Telnet access respectively. Each
of these groups can include up to five different sets of addresses, either individual
Figure 3-65 Configuring ACL Port Binding
Access Control Lists
4-150
4-126
3
3-95
Hide quick links:
Advertisement
Table of Contents
