Cisco Catalyst X4232 Installation And Configuration Note page 64

Layer 3 services module

Configuring Access Control Lists
Creating Named Extended IP ACLs
To create a named extended IP ACL, perform the following tasks, beginning in global configuration
mode:
Step 1
Task: Define an extended IP ACL, using an alphabetic name.
Command: Router(config)# ip access-list extended name

Step 2
Task: In access-list configuration mode, specify the conditions that are to be allowed or denied.
Command: Router(config)# {deny | permit} protocol source source-wildcard destination destination-wildcard [precedence precedence] [tos tos]

Task: Define an extended IP ACL using an abbreviation for a source and source wildcard of 0.0.0.0 255.255.255.255 and an abbreviation for a destination and destination wildcard of 0.0.0.0 255.255.255.255.
Command: Router(config)# {deny | permit} protocol any any

Task: Define an extended IP ACL using an abbreviation for a source and source wildcard of source 0.0.0.0 and an abbreviation for a destination and destination wildcard of destination 0.0.0.0.
Command: Router(config)# {deny | permit} protocol host source host destination

Applying the ACL to an Interface
After you create an ACL, you can apply it to one or more interfaces. ACLs can be applied on the inbound or outbound direction of an interface. When controlling access to an interface, you can use a name or number.
To control access to the IP interface, perform the following task in interface configuration mode:

Task: Control access to an interface.
Command: Router(config)# ip access-group {access-list-number | name} {in | out}

If the ACL is applied on an interface in the inbound direction, the switch router performs one of the following operations:
- If a standard ACL is applied, the switch router compares the source IP address with the ACL.
- If an extended ACL is applied, the switch router compares the 5 tuple against the ACL.
If the comparison succeeds, the packet is permitted into the router and the switch router will make a decision to forward the packet to a particular interface. If the comparison fails, the packet will be dropped.

Installation and Configuration Note for the Catalyst 4000 Layer 3 Services Module
78-10164-03
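The wildcard and abbreviation rules described above, as an added Python example (not from the Cisco manual): it expands any and host into the address and wildcard pairs the page gives and evaluates a constructed ACL against sample packets. First-match ordering, the ip keyword matching every protocol, and the implicit deny at the end of the list are standard IOS behavior assumed here rather than stated on this page; all function names and sample addresses are constructed.

```python
import ipaddress

IMPLICIT_DENY = "deny (implicit)"  # assumed: standard IOS end-of-list behavior

def ip_int(addr):
    return int(ipaddress.IPv4Address(addr))

def take_addr(tokens):
    """Consume one address spec; return ((base, wildcard), remaining tokens)."""
    if tokens[0] == "any":            # any = 0.0.0.0 255.255.255.255
        return (0, 0xFFFFFFFF), tokens[1:]
    if tokens[0] == "host":           # host A = A 0.0.0.0
        return (ip_int(tokens[1]), 0), tokens[2:]
    return (ip_int(tokens[0]), ip_int(tokens[1])), tokens[2:]

def parse_entry(line):
    """Parse '{deny | permit} protocol <source spec> <destination spec>'."""
    action, proto, *rest = line.split()
    if action not in ("permit", "deny"):
        raise ValueError(f"bad action: {action}")
    src, rest = take_addr(rest)
    dst, rest = take_addr(rest)
    if rest:  # [precedence] and [tos] are outside this example
        raise ValueError(f"unsupported tokens: {rest}")
    return action, proto, src, dst

def wildcard_match(addr, spec):
    """Wildcard bits set to 1 are ignored; all other bits must equal the base."""
    base, wild = spec
    return ((ip_int(addr) ^ base) & ~wild & 0xFFFFFFFF) == 0

def evaluate(acl_lines, proto, src, dst):
    """Return the action of the first matching entry (assumed first-match order)."""
    for line in acl_lines:
        action, p, s, d = parse_entry(line)
        # assumed: the 'ip' keyword matches every IP protocol
        if p in ("ip", proto) and wildcard_match(src, s) and wildcard_match(dst, d):
            return action
    return IMPLICIT_DENY

# Constructed sample ACL and addresses (not from the manual)
SAMPLE_ACL = [
    "permit tcp host 10.1.1.5 host 192.0.2.10",
    "deny ip 10.1.1.0 0.0.0.255 any",
    "permit ip any any",
]

if __name__ == "__main__":
    for pkt in [("tcp", "10.1.1.5", "192.0.2.10"), ("udp", "10.1.1.5", "192.0.2.10"),
                ("tcp", "10.1.2.5", "192.0.2.10")]:
        print(pkt, "->", evaluate(SAMPLE_ACL, *pkt))
```

Reordering SAMPLE_ACL so the broad deny comes first changes the first result to deny, which is why the most specific entries belong at the top of the list.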
