Ip access-list | Cambridge SoundWorks P460 specification

Chapter 2 Avaya P460 CLI Commands

Use the ip access-groupcommand to activate a specific policy list.

Use the no ip access-group command to deactivate the policy list.

The syntax for this command is:

[no] ip access-group<policy-list-number>[<default-action>]

<priority-list-number>	integer (100...199)
<default-action>	default-action-denydefault-action-permit
Example:

Router-1(configure)# ip access-group 101

ip access-list

User level: read-write, admin.

•You can only access this command in Configure mode.

Type configure at the command prompt to enter Configure mode.

Use the ip access list command to create a specific policy rule. The access list contains several of these rules: each rule pertains to the source IP address, the destination IP address, the protocol, the protocol ports (if relevant), and to the ACK bit (if relevant).

Use the no ip access list command to delete a specific rule.

The syntax for this command is:

[no] ip access-list<access-list-number> <access-list-index> <command> <protocol> {<source-ip> <source-wildcard> any host <source-ip>}[<operator> <port> [<port]] {<destination-ip> <destination-

wildcard>any host <destination-ip>}[<operator> <port>

[<port>]][established] [precedence]

<access-list-number>	integer (100...149)
<access-list-index>	integer (1...9999)
<command>	permit deny deny-and-notify fwd0-7
<protocol>	ip tcp udp integer (1...255)

32	Avaya P460 Reference Guide

Image 42

Cambridge SoundWorks P460 manual Ip access-list

Contents

Avaya P460 Page Contents Contents Avaya P460 Reference Guide Iii Contents Contents Contents Avaya P460 Reference Guide Vii Viii Avaya P460 Reference Guide Using the CLI Conventions Used Command line prompt looks as follows Command Abbreviations Navigation, Cursor Movement and Shortcuts Tree command Retstatus commandP460-1# set port negotiation 2/4 disable P460-1# tree P460-1terminal width 80 terminal width Terminal widthTerminal width character Terminal length Clear screen Clear screenP460-1clear screen Avaya P460 Sessions Session router Security Levels Entering the Supervisor Level Entering the CLI Entering the Technician LevelP460-1help show Prompt changes to Routerconfig-ifinterfacename# Prompt changes to Routerconfigure routerprotocolname# Chapter Using the CLI Avaya P460 Reference Guide Area Arp Router-1configure#arp 192.168.7.8 00400d8c2a01 Arp timeoutNo arp timeout seconds No banner login No banner post-loginP460-1super#banner post-login Clear cam Clear arp-cacheClear cam P460-1#clear cam Clear dynamic vlans P460-1#clear dynamic vlansP460-1#clear event-log P460-1#clear ip route 134.12.3.0 P460-1#clear interface outbandClear ip route Clear ip route Layer P460-1#clear port mirror 9/2/10/4 Router-1configure#clear ip route 192.168.49.1Clear port mirror Clear port static-vlan P460-1super#clear radius authentication server secondary Clear radius authentication serverClear radius authentication serverprimarysecondary P460-1#clear port static-vlan 3/10 P460-1#clear system-log P460-1#clear snmp trapClear system-log modulenumber Clear timezone P460-1#clear vlan Router-1configure#clear vlan 2 name vlan2Clear vlan Clear vlan Layer Command Copy l2-config tftp filename ipP460-1#copy l2-config tftp c\p460\config Copy tftp l2-config filename ip P460-1#copy tftp EW-archive c\P460\switch1.cfgCopy tftp l2-config Copy tftp EWarchive filename ip Copy tftp startup-config filename ip P460-1#copy tftp l2-config c\p460\backupCopy tftp startup-config Router-1copy tftp startup-config c\P460\router1.cfg P460-1#copy tftp SWimageA c\imgA.bin Copy tftp SWimageACopy tftp SWimageA filename ip Copy tftp SWimageB Disable interface Default-metricNo default-metric number P460-1#copy tftp SWimageB c\imgB.bin Disable interface outband inband P460-1#disable interface outbandEnable interface Get time Enable vlan commandsEnable vlan commands Get time Router-1hostname Marketing P460-1#hostname gregoryHostname Layer Interface Ip access-default-action Ip access-group Ip access-list Router-1configure#ip access-list-cookie 101 Router-1configure#ip access-list 101 23 deny ip any 1.2.0.0Ip access-list-cookie Ip access-list-copy Router-1configure#ip access-list-name 101 morning Router-1configure#ip access-list-copy 100Ip access-list-name Ip access-list-owner Router-1ip access-list-owner 101 admin Ip address255.255.255.0 Ip bootp-dhcp network Ip admin-stateIp admin-state up/down No ip bootp-dhcp network ip-address Router-1configure#no ip bootp-dhcp relay Ip bootp-dhcp relayNo ip bootp-dhcp relay Ip bootp-dhcp server Ip broadcast-address Ip bootp-dhcp server ip-address192.168.37.46 Ip broadcast-address bc addr Ip directed-broadcast Ip default-gatewayRouter-1configure#ip default-gateway No ip directed-broadcast Router-1configure#ip max-arp-entries Ip icmp-errorsNo ip icmp-errors Ip max-arp-entries No ip netbios-rebroadcast mode Router-1configure#ip max-route-entriesIp netbios-rebroadcast Ip max-route-entries Router-1configure#ip netmask-format bitcount decimal Ip netmask-formatNo ip netmask-format mask-format Key mypass Ip ospf authentication-keyNo ip ospf authentication-key key Ip ospf cost Ip ospf hello-interval Ip ospf dead-intervalNo ip ospf dead-interval seconds No ip ospf hello-interval seconds Ip ospf router-id Ip ospf priorityNo ip ospf priority priority No ip ospf router-id router id No ip proxy-arp Ip rip authentication keyIp proxy-arp Ip redirect Mode simple No ip rip authentication key passwordIp rip authentication mode Key hush-hush Mode talk listen Ip rip default-route-modeIp rip default-route-mode mode Ip rip poison-reverse Ip rip rip-version No ip rip poison-reverseIp rip rip-version Ip rip send-receive Ip rip split-horizon No ip rip split-horizon Router-1configure#ip route 192.168.33.0 255.255.255.0 Ip routeIp routing No ip routing Router-1configure# ip routingIp routing-mode mode Ip routing-mode Router-1configure#ip simulate 100 192.67.85.12 Ip vlan/ip vlan nameNo ip vlan vlan-id No ip vrrp vr-id Ip vlan name vlan-NameIp vrrp Ip vrrp address Ip vrrp auth-key No ip vrrp vr-idaddress ip-address10.0.1.2 No ip vrrp vr-idauth-key key-string Ip vrrp preempt No ip vrrp vr-idoverride addr ownerOwner Ip vrrp primary Ip vrrp priority No ip vrrp vr-idprimary ip-address192.168.66.23 No ip vrrp vr-idpriority pri-value Ip vrrp timer Line P460-1super#line 5 P460 CLI NetworkNetwork Layer P460-1#no rmon alarm No rmon alarmNo rmon alarm Alarm Index Area No rmon history History Index No rmon event Event IndexP460-1#no rmon event P460-1#no rmon history Nvram initialize Nvram initialize switch allP460-1super#no username john P460-1#nvram initialize Redistribute Ospf PingP460-1ping 149.49.48.1 No redistribute protocol Reset Redistribute RIP Reset Supervisor module in slot Avaya P460 CLI Commands Rmon alarm Possible parameters are Rising, Falling, risingOrfalling Rmon event Router ospf Rmon historyP460-1#rmon history 1026 1026 3/2 30 buckets 20 owner amir No router ospf Router vrrp Router ripNo router rip No router vrrp P460-1session router Set allowed managers enableddisabledP460-1super#set allowed managers enabled Set allowed managers Set arp-aging-interval Set allowed managers ipP460-1super#set allowed managers ip add Set arp-aging-interval value Set boot bank value P460-1#set boot bank aP460-1#set arp-tx-interval Set broadcast storm control threshold threshold Set broadcast storm control enabledisableP460-1#set broadcast storm enable P460-1#set broadcast storm control threshold Set device-mode Layer Set device-mode modeP460-1super#set device-mode Router Router-1set device-mode Layer2 Set inband vlan vlannum Set intelligent-multicast enabledisableP460-1#set intelligent-multicast enable Set intelligent-multicast client-port-pruning time time P460-1#set intelligent-multicast client-port-pruning-time Set intelligent-multicast group-filtering delay timeP460-1#set intelligent-multicast group-filtering-delay time Set intelligent-multicast router port pruning time Set interface outband Set interface inbandP460-1#set interface inband 1 1.1.1.1 Set interface outband ipaddr netmask Set interface ppp Set interface ppp enable/disable/off/resetP460-1#set interface outband 149.49.75.174 P460-1#set interface ppp 149.49.34.125 P460-1#set interface ppp reset P460-1#set interface ppp enableP460-1#set interface ppp disable Set ip route P460-1#set ip route 0.0.0.0 24 Set license P460-1#set license 026 9b8 216 908 dea f4d layer-3Set logout Set outband duplex full half P460-1#set logoutSet outband duplex P460-1#set outband duplex full Set outband speed Set outband negotiation enable disableP460-1#set outband negotiation enable Set outband speed speed Set port auto-negotiation-flowcontrol-advertisement Set port auto-negotiation-flowcontrol-advertisement moduleSet port channel P460-1#set port channel 4/6,18 on server2 Set port classificationP460-1#set port classification 2/19 valuable P460-1#set port disable 4/1 Set port disableSet port disable module/port Set port duplex P460-1#set port enable 4/1 Set port enableSet port enable module/port P460-1#set port duplex 4/1 full On proprietary P460-1#set port flowcontrol receive 5/1 on P460-1#set port flowcontrol send 5/1 off Set port level P460-1#set port level 3/1 Set port mirror Set port mirror source-port module/port mirror-port module Set port name P460-1#set port name 4/21 arthurSet port negotiation P460-1#set port redundancy enable P460-1#set port negotiation 4/1 disableSet port redundancy enabledisable Set port redundancy Set port redundancy-intervals P460-1#set port redundancy-intervals 100 Set port spantreeSet port spantree cost Set port spantree priority module/port value Set port spantree cost module/port valueP460-1set port spantree cost 4/2 P460-1#set port spantree priority 3/4 P460-1#set port speed 4/1 100MB Set port static-vlan Set port trap P460-1#set port trap 3/2 enableP460-1#set port static-vlan 3/4-6 Set port vlan Set port vlan-binding-mode Set port vlan-binding-mode portlist value P460-1#set port vlan-binding-mode 5/5-9 static Set ppp authentication incoming papchapnoneP460-1#set ppp authentication incoming chap Set ppp baud-rate Set ppp chap-secret chap-secret P460-1#set ppp baud-rate 38400 ppp baud rate was set toSet ppp chap-secret P460-1super#set ppp chap secret hush Set qos dscp-agg-index dscp agg-index Set ppp incoming timeout timeP460-1#set ppp incoming timeout Set qos dscp-agg-index 5 Set qos dscp-name Router-1configure#set qos dcsp-cos-map 9-16 fwd3Set qos dscp-cos-map dscp1-dscp2 operation precedence Set qos dscp-name dscp name P460-1super#set radius authentication enable Set radius authentication enable/disableSet radius authentication enable disable Set radius authentication retry-number Set radius authentication retry-time Set radius authentication retry-number numberP460-1super#set radius authentication retry-number Set radius authentication retry-time time Set radius authentication secret string P460-1super#set radius authentication secret hushSet radius authentication server ip-addr primary Set slot power Mod UpDown Set radius authentication udp-port numberP460-1super#set radius authentication udp-port number P460-1set slot power 4 up Set snmp community P460-1#set snmp community read-only read Set snmp retries number Set snmp timeout numberP460-1#set snmp timeout P460-1#set snmp retries P460-1#set snmp trap 192.168.173.42 disable config P460-1#set snmp trap 192.168.173.42 enable configP460-1#set snmp trap 192.168.173.42 enable all P460-1#set snmp trap Set spantree enable/disable Set snmp trap enabledisable authP460-1#set snmp trap enable auth Set snmp trap auth Set system contact string Set spantree priority bridgepriorityP460-1#set spantree priority P460-1super#set system contact gregory kohll Set system name Set system location stringP460-1#set system location tech-support Set system name string P460-1set time protocol sntp-protocol Set time client enabledisableP460-1#set time client enable P460-1set time protocol time-protocol Set time server ip address P460-1#set time serverP460-1#set timezone EST P460-1#set trunk 3/3 dot1q Set vlanP460-1#set vlan 3 name gregory Set vlan Layer Set web aux-files-url Show allowed managers status Show access-groupRouter-1show access-group P460-1super#show allowed managers status P460-1super#show allowed managers table Show allowed managers tableShow allowed managers table Show arp-aging-interval P460-1show arp-aging-interval Show boot bankP460-1show boot bank Show arp-tx-interval Show broadcast storm control P460-1show broadcast storm controlShow cam Show cam mac P460-1show cam mac Show cpu load Show chassis-identityP460-1show chassis-identity P460-1show cpu load Show dscp Show dscpdscp P460-1show device-mode Show device-modeShow device-mode Show dynamic vlans Show environment fans Show environment powerShow dynamic vlans Router-1show dynamic vlans Show environment fans Show event-log Show environment powerShow event-log Show event-log Layer P460-1show intelligent-multicast Show interfaceP460-1show interface Show ip access-listspolicy-list-number Router-1 show ip access-listsShow ip arp Router-1show ip icmp Show ip icmpShow ip icmp Show ip interface Show ip ospf Router-1show ip interfaceShow ip ospf Router-1show ip ospf Show ip ospf interface Show ip ospf databaseRouter-1 super # show ip ospf interface Show ip ospf interface interface-name Show ip protocols Show ip ospf neighborRouter-1show ip ospf neighbor Show ip protocols protocol Show ip reverse-arp Router-1sh ip reverse-arp 0010a49897e0Show ip route Show ip route Router-1show ip route P460-1show ip routeShow ip route Layer Show ip route best-match Router-1 sh ip route static Router-1show ip route best-matchShow ip route static ip addr mask Show ip route summary Router-1 show ip unicast cache Router-1sh ip route summaryShow ip unicast cache ip addr Show ip unicast cache host net addrnet mask Show ip unicast cache networks net addr net mask Router-1show ip unicast cache hostShow ip unicast cache networks Router-1show ip unicast cache networks Show ip unicast cache nextHop Show ip unicast cache networks detailednet addr net maskRouter-1show ip unicast cache networks detailed 192.168.6.0 Router-1show ip unicast cache nextHop Show ip unicast cache summary Router-1show ip unicast cache summaryShow ip vrrp Show ip vrrp detail Show ip vrrp detail Show l2-config Master Show l2-config P460-1show l2-config 146 Avaya P460 Reference Guide Avaya P460 Reference Guide 147 148 Avaya P460 Reference Guide Avaya P460 Reference Guide 149 150 Avaya P460 Reference Guide Avaya P460 Reference Guide 151 152 Avaya P460 Reference Guide Avaya P460 Reference Guide 153 Show license Show license P460-1show logout P460-1show licenseShow logout Show module Supervisor Module P460-1show outband Show outbandShow outband Show port Description Show port auto-negotiation-flowcontrol-advertisementSet auto-negotiation-flowcontrol-advertisement module/port Show port channel P460-1 show port channelP460-1 show port channel 3/3 info P460-1show port classification 4/9 Port Port Classification Show port classification module/portP460-1show port classification 4/8 Show port flowcontrol module/port P460-1 show port flowcontrol 3/4 Field Show port redundancy Show port mirrorP460-1show port mirror port mirroring P460-1show port redundancy Show port trap P460-1show port trap 4/1 Show port vlan-binding-mode Show ppp authenticationShow ppp authentication Show port vlan-binding-mode module/port P460-1show ppp configuration P460-1show ppp authenticationShow ppp configuration Show ppp baud-rate Show rmon alarm Alarm Index Show ppp incoming timeoutP460-1show ppp incoming timeout Show ppp session Show rmon event Event Index P460-1show rmon alarmShow rmon event P460-1show rmon event P460-1show rmon history Show rmon historyShow rmon history History Index Show rmon statistics P460-1show rmon statistics Show secure currentP460-1#show secure current Show snmp P460-1show snmp Show snmp retries Show snmp timeoutP460-1show snmp timeout P460-1show snmp retries P460-1show spantree Field Description Show spv Syntax for this command is show spv Show system-log Show systemShow system Show system log P460-1show system-log Show system-log Layer Show time parameters Show timeP460-1show time P460-1 show time parameters P460-1show timezone Show trunkP460-1 show trunk 4/1 Show vlan Show usernameShow username Show vlan Example P460-1show vlan P460-1show web aux-files-url Show vlanShow web aux-files-url Sync spv Sync time Sync time Example P460-1#sync timeTech No timers spf spf-holdtime Traceroute hostRouter-1traceroute Username P460-1super#username root password secret access-type admin Avaya P460 CLI Commands 186 Avaya P460 Reference Guide Layer 2 CLI Commands Timezone Avaya P460 Reference Guide 189 Layer 2 CLI Commands 190 Avaya P460 Reference Guide Layer 3 CLI Commands Layer 3 CLI Commands Avaya P460 Reference Guide 193 Layer 3 CLI Commands 194 Avaya P460 Reference Guide AAL 100BASE-TX10BASE-T AAL5 ATM BootpARP BGP BUS CAMCBR CRC CSMA/CDDhcp DRU ElanESI FDX FCSFddi FTP Iana HECHttp Icmp Ilmi ImapIPX LAG ISLISO LAN LSA LecsLES MAN NMS MIBNAS NNI OSI NsapOID Ospf Pstn PnniPOP PVC Rmon RadiusRIP SAP Smon SARSlip Smtp Snap SnmpSTA SVC TCP/IPTftp VBR UDPUNI VCI Virtual Connection Virtual ChannelVirtual Circuit Virtual Path Glossary 214 Avaya P460 Reference Guide