Cisco IE 2000 Switch Software Configuration Guide
OL-25866-01
Chapter 37 Configuring Network Security with ACLs
How to Configure Network Security with ACLs
Applying an IPv4 ACL to a Terminal Line
This task restricts incoming and outgoing connections between a virtual terminal line and the addresses
in an ACL:
Step 1  Command: configure terminal
        Purpose: Enters global configuration mode.
Step 2  Command: line [console | vty] line-number
        Purpose: Identifies a specific line to configure, and enters in-line configuration mode.
                 console—Specifies the console terminal line. The console port is DCE.
                 vty—Specifies a virtual terminal for remote console access.
                 The line-number is the first line number in a contiguous group that you want
                 to configure when the line type is specified. The range is from 0 to 16.
Step 3  Command: access-class access-list-number {in | out}
        Purpose: Restricts incoming and outgoing connections between a particular virtual
                 terminal line (into a device) and the addresses in an access list.
Step 4  Command: end
        Purpose: Returns to privileged EXEC mode.

Applying an IPv4 ACL to an Interface

Step 1  Command: configure terminal
        Purpose: Enters global configuration mode.
Step 2  Command: interface interface-id
        Purpose: Identifies a specific interface for configuration, and enters interface
                 configuration mode.
                 The interface is a Layer 2 interface (port ACL).
Step 3  Command: ip access-group {access-list-number | name} {in | out}
        Purpose: Controls access to the specified interface.
                 The out keyword is not supported for Layer 2 interfaces (port ACLs).
Step 4  Command: end
        Purpose: Returns to privileged EXEC mode.

Creating Named MAC Extended ACLs

Step 1  Command: configure terminal
        Purpose: Enters global configuration mode.
Step 2  Command: mac access-list extended name
        Purpose: Defines an extended MAC access list using a name.
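
An added example (not from the Cisco guide) for the terminal-line and interface procedures earlier on this page: a Python audit of a saved running-config that flags vty lines with no inbound access-class and any ip access-group applied with the out keyword on a Layer 2 port. The sample configuration, interface names and ACL numbers are constructed, and treating every non-Vlan interface as a Layer 2 port is an assumption.

```python
import re

# Constructed running-config for illustration; not taken from the guide.
SAMPLE_CONFIG = """\
interface FastEthernet1/1
 ip access-group 101 in
interface FastEthernet1/2
 ip access-group 102 out
interface Vlan10
 ip access-group 103 out
line con 0
line vty 0 4
 access-class 10 in
line vty 5 15
 login
end
"""

def blocks(config):
    """Yield (header, sub-commands) for each 'interface' or 'line' block."""
    header, body = None, []
    for raw in config.splitlines():
        if raw.startswith(" ") and header:
            body.append(raw.strip())
            continue
        if header:
            yield header, body
        is_block = re.match(r"(interface|line) ", raw)
        header, body = (raw.strip() if is_block else None), []
    if header:
        yield header, body

def audit(config):
    """Return one finding per unprotected vty line or unsupported port ACL."""
    findings = []
    for header, body in blocks(config):
        if header.startswith("line vty") and not any(
                re.match(r"access-class \S+ in\b", c) for c in body):
            findings.append(f"{header}: no inbound access-class")
        # Assumption: every non-Vlan interface is a Layer 2 port (port ACL).
        if header.startswith("interface ") and "Vlan" not in header:
            findings += [f"{header}: '{c}' (out is unsupported on port ACLs)"
                         for c in body if re.match(r"ip access-group \S+ out\b", c)]
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_CONFIG):
        print(finding)
```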