Cisco ONS 15454 Software Feature And Configuration Manual page 194

Sonet / sdh ml-series multilayer ethernet card

Hide thumbs Also See for ONS 15454:

Procedure manual (850 pages)

Reference manual (728 pages)

Troubleshooting manual (558 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

184

185

186

187

188

189

190

191

192

193

194

195

196

197

198

199

200

201

202

203

204

205

206

207

208

209

210

211

212

213

214

215

216

217

218

219

220

221

222

223

224

225

226

227

228

229

230

231

232

page of 232

/ 232
Contents
Table of Contents
Bookmarks

Table of Contents

ML-Series ACL Support

Creating Named Standard IP ACLs

To create a named standard IP ACL, perform the following procedure, beginning in global configuration

mode:

Command

Step 1

Router(config)# ip access-list standard

name

Step 2

Router(config-std-nac1)# deny { source

[ source-wildcard ] | any}

permit { source [ source-wildcard ] | any}

Step 3

Router(config)# exit

Creating Named Extended IP ACLs (Control Plane Only)

To create a named extended IP ACL, perform the following tasks, beginning in global configuration

mode:

Command

Step 1

Router(config)# ip access-list extended

name

Step 2

Router(config-ext-nacl)# {deny | permit}

protocol source source-wildcard destination

destination-wildcard [precedence

precedence ] [tos tos ]

{deny | permit} protocol any any

{deny | permit} protocol host source host

destination

Applying the ACL to an Interface

After you create an ACL, you can apply it to one or more interfaces. ACLs can be applied on either the

inbound or the outbound direction of an interface. When controlling access to an interface, you can use

a name or number. If a standard ACL is applied, the ML-Series card compares the source IP address with

the ACL. To apply an ACL to one or more interfaces, use the command in

IP Standard ACLs applied to bridged egress interfaces are not supported in the data-plane. When

Note

bridging, ACLs are only supported on ingress.

Cisco ONS 15454 SONET/SDH ML-Series Multilayer Ethernet Card Software Feature and Configuration Guide, R4.0

15-4

Chapter 15

Purpose

Defines a standard IP ACL using an alphabetic

name.

In access-list configuration mode, specifies one or

more conditions as permitted or denied. This

determines whether the packet is passed or dropped.

Exits access-list configuration mode.

Purpose

Defines an extended IP ACL using an alphabetic

name.

In access-list configuration mode, specifies the

conditions allowed or denied.

Or:

Defines an extended IP ACL using an abbreviation

for a source and source wildcard of 0.0.0.0

255.255.255.255, and an abbreviation for a

destination and destination wildcard of 0.0.0.0

255.255.255.255.

Or:

Defines an extended IP ACL using an abbreviation

for a source and source wildcard of source 0.0.0.0,

and an abbreviation for a destination and

destination wildcard of destination 0.0.0.0.

Table

Configuring Access Control Lists

15-2.

78-15224-02

Table of Contents

Cisco ONS 15454 Software Feature And Configuration Manual page 194

Related Manuals for Cisco ONS 15454

Related Products for Cisco ONS 15454

Table of Contents