Policy

ip access-list

Command Mode

Global Configuration.

Description

Creates a rule in an access control list (ACL). The rule that you set is applied on all of the ports on the switch.

* Note: You must enable the ACL on which you want to set a rule. Only one ACL can be enabled at a time.

The no command deletes an ACL rule or ACL.

Syntax

To Create a Standard ACL Rule:

ip access-list <access-list-name> <access-list-index> {permit [{use-priority <priority> use-diffserv [mask] remark-diffserv <dscp> [mask] use-l2}] deny fwd1 fwd2 fwd3 fwd4 fwd5 fwd6 fwd7 fwd8} {<source-ip-addr> <source-wildcard> any host <source-ip-addr>}

To Create an Extended ACL Rule:

ip access-list <access-list-name> <access-list-index> {permit [{use-priority <priority> use-diffserv [mask] remark-diffserv <dscp> [mask] use-l2}] deny fwd1 fwd2 fwd3 fwd4 fwd5 fwd6 fwd7 fwd8} <protocol-id> {<source-ip-addr> <source-wildcard> any host <source-ip-addr>} [{lt <port> eq <port> gt <port> range <port> <port>}] {<dest-ip-addr> <dest-wildcard> any host <dest-ip-addr>} [{lt <port> eq <port> gt <port> range <port> <port>}] [established]

To Remove an ACL Rule or ACL:

no ip access-list <access-list-name> [<access-list-index>]

This command performs the same operation as the access-list command. See that command for explanations of the keywords and variables and for examples.

 

Systems

P550R, P580, P880, and P882.

Document No. 10-300090, Issue 1
