Deny ( Ip ) - Cisco 300 Series Cli Manual
Small business 300 series managed switches
command line interface guide release 1.3
Hide thumbs
Also See for 300 Series:
- Cli manual (1117 pages) ,
- Administration manual (586 pages) ,
- Quick start manual (72 pages)
Table of Contents
Advertisement
ACL Commands
78-21075-01 Command Line Interface Reference Guide
Command Mode
IP Access-list Configuration mode
User Guidelines
If a range of ports is used for source port in an ACE, it is not counted again, if it is
also used for a source port in another ACE. If a range of ports is used for the
destination port in an ACE, it is not counted again if it is also used for destination
port in another ACE.
If a range of ports is used for source port it is counted again if it is also used for
destination port.
Example
switchxxxxxx(config)# ip access-list extended server
switchxxxxxx(config-ip-al)# permit ip 176.212.0.0 00.255.255
48.3
deny ( IP )
Use the deny IP Access-list Configuration mode command to set deny conditions
for IPv4 access list. Deny conditions are also known as access control entries
(ACEs).
Syntax
deny
protocol {any | source source-wildcard} {any | destination
destination-wildcard} [dscp number | precedence number] [
time-range-name]
icmp {any | source source-wildcard} {any | destination destination-wildcard}
deny
[any | icmp-type] [any | icmp-code]] [dscp number | precedence number] <all but
Cisco> [
time-range-name]
time-range
igmp {any | source source-wildcard} {any | destination
deny
destination-wildcard}[igmp-type] [dscp number | precedence number] <all but
Cisco>
time-range-name]
time-range
{any | source source-wildcard} {any| s ource-port/port-range}{any |
deny tcp
destination destination-wildcard} {any| d estination-port/port-range} [dscp number |
precedence number] [match-all list-of-flags] <all but Cisco> [
time-range-name]
48
time-range
time-range
773
Advertisement
Table of Contents
