Cisco AP776A - Nexus Converged Network Switch 5020 Configuration Manual page 864

Cisco MDS 9000 Family CLI Configuration Guide - Release 4.x (OL-18084-01, February 2009)

Configuring IPv4-ACLs or IPv6-ACLs
Send documentation comments to mdsfeedback-doc@cisco.com
Cisco MDS 9000 Family CLI Configuration Guide, page 35-6
Chapter 35: Configuring IPv4 and IPv6 Access Control Lists

To create an IPv6-ACL, follow these steps:

Step 1
  Command: switch# config t
           switch(config)#
  Purpose: Enters configuration mode.

Step 2
  Command: switch(config)# ipv6 access-list List1
           switch(config-ipv6-acl)#
  Purpose: Configures an IPv6-ACL called List1 and enters IPv6-ACL configuration submode.

  Command: switch(config)# no ipv6 access-list List1
  Purpose: Removes the IPv6-ACL called List1 and all its entries.

Step 3
  Command: switch(config-ipv6-acl)# permit ipv6 any any
  Purpose: Adds an entry permitting IPv6 traffic from any source address to any destination address.

  Command: switch(config-ipv6-acl)# no permit ipv6 any any
  Purpose: Removes an entry from the IPv6-ACL.

  Command: switch(config-ipv6-acl)# deny tcp any any
  Purpose: Adds an entry to deny TCP traffic from any source address to any destination address.

To define an IPv4-ACL that restricts management access, follow these steps:

Step 1
  Command: switch# config t
  Purpose: Enters configuration mode.

Step 2
  Command: switch(config)# ip access-list restrict_mgmt permit ip 10.67.16.0 0.0.0.255 any
  Purpose: Defines an entry in an IPv4-ACL named restrict_mgmt allowing all addresses in the 10.67.16.0/24 subnet.

Step 3
  Command: switch(config)# ip access-list restrict_mgmt permit icmp any any eq 8
  Purpose: Adds an entry to an IPv4-ACL named restrict_mgmt to allow any device to ping the MDS (ICMP type 8).

Step 4
  Command: switch(config)# ip access-list restrict_mgmt deny ip any any
  Purpose: Explicitly blocks all other access to an access-list named restrict_mgmt.

To define an IPv6-ACL that restricts management access, follow these steps:

Step 1
  Command: switch# config t
  Purpose: Enters configuration mode.

Step 2
  Command: switch(config)# ipv6 access-list RestrictMgmt
           switch(config-ipv6-acl)#
  Purpose: Configures an IPv6-ACL called RestrictMgmt and enters IPv6-ACL configuration submode.

Step 3
  Command: switch(config-ipv6-acl)# permit ipv6 2001:0DB8:800:200C::/64 any
  Purpose: Defines an entry allowing all addresses in the 2001:0DB8:800:200C::/64 prefix.

Step 4
  Command: switch(config-ipv6-acl)# permit icmp any any eq 8
  Purpose: Adds an entry to allow any device to ping the MDS (ICMP type 8).

Step 5
  Command: switch(config-ipv6-acl)# deny ipv6 any any
  Purpose: Explicitly blocks all other IPv6 access.

To use the operand and port options for an IPv4-ACL, follow these steps:

Step 1
  Command: switch# config t
  Purpose: Enters configuration mode.

Step 2
  Command: switch(config)# ip access-list List2 deny tcp 1.2.3.0 0.0.0.255 eq port 5 any
  Purpose: Denies TCP traffic from 1.2.3.0 through source port 5 to any destination.
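
A simplified model of how the restrict_mgmt IPv4-ACL above treats a packet, added here as an example (it is not code from the Cisco guide). It assumes entries are checked in configured order with the first match deciding, that a packet matching no entry is dropped, and that `eq 8` on the ICMP entry is the ICMP type as the Purpose text describes; the switch and host addresses are constructed, and only the three entry shapes used in restrict_mgmt are parsed.

```python
import ipaddress

# The restrict_mgmt entries from the IPv4 procedure, in configured order.
RESTRICT_MGMT = [
    "permit ip 10.67.16.0 0.0.0.255 any",
    "permit icmp any any eq 8",
    "deny ip any any",
]

def addr_matches(spec, addr):
    """spec is 'any' or (base, wildcard); wildcard bits set to 1 are ignored."""
    if spec == "any":
        return True
    base, wildcard = (int(ipaddress.IPv4Address(x)) for x in spec)
    care = ~wildcard & 0xFFFFFFFF
    return (int(ipaddress.IPv4Address(addr)) & care) == (base & care)

def parse_entry(line):
    """Split one entry into (action, protocol, source, destination, icmp_type)."""
    action, proto, *rest = line.split()
    specs = []
    for _ in range(2):  # source spec, then destination spec
        width = 1 if rest[0] == "any" else 2
        specs.append("any" if width == 1 else tuple(rest[:2]))
        rest = rest[width:]
    icmp_type = int(rest[1]) if rest[:1] == ["eq"] else None
    return action, proto, specs[0], specs[1], icmp_type

def evaluate(acl, proto, src, dst, icmp_type=None):
    """Return (action, entry) for the first entry that matches the packet."""
    for line in acl:
        action, e_proto, e_src, e_dst, e_type = parse_entry(line)
        if e_proto not in ("ip", proto):
            continue
        if e_type is not None and e_type != icmp_type:
            continue
        if addr_matches(e_src, src) and addr_matches(e_dst, dst):
            return action, line
    return "deny", "(implicit deny)"  # assumption: nothing matched means drop

if __name__ == "__main__":
    SWITCH = "192.0.2.1"  # constructed management address
    for pkt in [("tcp", "10.67.16.25", SWITCH), ("tcp", "10.67.17.25", SWITCH),
                ("icmp", "198.51.100.7", SWITCH, 8), ("icmp", "198.51.100.7", SWITCH, 0)]:
        print(pkt, "->", evaluate(RESTRICT_MGMT, *pkt))
    # Same entries with the deny moved first: nothing after it is ever reached.
    print(evaluate(RESTRICT_MGMT[::-1], "tcp", "10.67.16.25", SWITCH))
```

Running it shows why the `deny ip any any` entry has to stay last: with the order reversed, even hosts in 10.67.16.0/24 are denied.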
OL-18084-01, Cisco MDS NX-OS Release 4.x
