Cisco Catalyst 2950 Command Reference Manual page 266

permit (access-list configuration)
Usage Guidelines Use this command after the ip access-list global configuration command to specify permit conditions
for a named or numbered IP ACL. You can specify a source IP address, destination IP address, IP
protocol, TCP port, or UDP port. Specify the TCP and UDP port numbers only if protocol is tcp or udp
and operator is eq.
For more information about configuring IP ACLs, see "Configuring Network Security with ACLs"
Note
chapter in the switch software configuration guide for this release.
Examples
This example shows how to create an extended IP ACL and configure permit conditions for it:
Switch(config)# ip access-list extended Internetfilter2
Switch(config-ext-nacl)# permit host 36.10.10.5 any
Switch(config-ext-nacl)# permit host 192.1.10.8 any
This is an example of a standard ACL that sets permit conditions:
Switch(config)# ip access-list standard Acclist1
Switch(config-ext-nacl)# permit 192.5.34.0
Switch(config-ext-nacl)# permit 128.88.10.0
Switch(config-ext-nacl)# permit 36.1.1.0
In these examples, all other IP access is implicitly denied.
Note
You can verify your settings by entering the show ip access-lists or show access-lists privileged EXEC
command.
Related Commands Command
deny (access-list configuration)
ip access-group
ip access-list
show access-lists
show ip access-lists
Catalyst 2950 and Catalyst 2955 Switch Command Reference
2-236
Chapter 2 Catalyst 2950 and 2955 Cisco IOS Commands
0.0.0.255
0.0.0.255
0.0.0.255
Description
Sets deny conditions for an IP ACL.
Controls access to an interface.
Defines an IP ACL.
Displays ACLs configured on a switch.
Displays IP ACLs configured on the switch.
OL-10102-01