permit (IPv4)
echo—Echo (7)
isakmp—Internet Security Association and Key Management Protocol (5)
mobile-ip—Mobile IP registration (434)
nameserver—IEN116 name service (obsolete, 42)
netbios-dgm—NetBIOS datagram service (138)
netbios-ns—NetBIOS name service (137)
netbios-ss—NetBIOS session service (139)
non500-isakmp—Internet Security Association and Key Management Protocol (45)
ntp—Network Time Protocol (123)
pim-auto-rp—PIM Auto-RP (496)
rip—Routing Information Protocol (router, in.routed, 52)
snmp—Simple Network Management Protocol (161)
snmptrap—SNMP Traps (162)
sunrpc—Sun Remote Procedure Call (111)
syslog—System Logger (514)
tacacs—TAC Access Control System (49)
talk—Talk (517)
tftp—Trivial File Transfer Protocol (69)
time—Time (37)
who—Who service (rwho, 513)
xdmcp—X Display Manager Control Protocol (177)
Examples
This example shows how to configure an IPv4 ACL named acl-lab-01 with rules permitting all TCP and UDP
traffic from the 10.23.0.0 and 192.168.37.0 networks to the 10.176.0.0 network:
switch# configure terminal
switch(config)# ip access-list acl-lab-01
switch(config-acl)# permit tcp 10.23.0.0/16 10.176.0.0/16
switch(config-acl)# permit udp 10.23.0.0/16 10.176.0.0/16
switch(config-acl)# permit tcp 192.168.37.0/16 10.176.0.0/16
switch(config-acl)# permit udp 192.168.37.0/16 10.176.0.0/16
This example shows how to configure an IPv4 ACL named acl-eng-to-marketing with a rule that permits all
IP traffic from an IP-address object group named eng_workstations to an IP-address object group named
marketing_group:
switch# configure terminal
switch(config)# ip access-list acl-eng-to-marketing
switch(config-acl)# permit ip addrgroup eng_workstations addrgroup marketing_group
Related Commands
Command
deny (IPv4)
Cisco Nexus 7000 Series Security Command Reference
554
Description
Configures a deny rule in an IPv4 ACL.
P Commands