deny (IPv4)
This example shows how to configure an IPv4 ACL named acl-eng-to-marketing with a rule that denies all
IP traffic from an IPv4 address object group named eng_workstations to an IP address object group named
marketing_group followed by a rule that permits all other IPv4 traffic:
switch# configure terminal
switch(config)# ip access-list acl-eng-to-marketing
switch(config-acl)# deny ip addrgroup eng_workstations addrgroup marketing_group
switch(config-acl)# permit ip any any
Related Commands
Command
fragments
ip access-list
object-group ip address
object-group ip port
permit (IPv4)
remark
show ip access-list
statistics per-entry
time-range
Cisco Nexus 7000 Series Security Command Reference
242
Description
Configures how an IP ACL processes noninitial
fragments.
Configures an IPv4 ACL.
Configures an IPv4 address object group.
Configures an IP port object group.
Configures a permit rule in an IPv4 ACL.
Configures a remark in an IPv4 ACL.
Displays all IPv4 ACLs or one IPv4 ACL.
Enables collection of statistics for each entry in an
ACL.
Configures a time range.
D Commands