Enterasys Networks 1G58x-09, 1H582-xx, E1 Series 14.3.7.4 ip access-group

Security Configuration Command Set

Configuring Access Lists

14-96 Matrix E1 Series (1G58x-09 and 1H582-xx) Configuration Guide

Examples

This example shows how to define access list 101 to deny ICMP transmissions from any source and

for any destination:

This example shows how to define access list 102 to deny TCP packets transmitted from IP source

10.1.2.1 with a port number of 42 to any destination:

14.3.7.4 ip access-group

Use this command to apply access restrictions on an interface when operating in router mode.

ip access-group access-list-number {in | out}

Syntax Description

Command Syntax of the “no” Form

The “no” form of this command removes the specified access list:

no ip access-group access-list-number {in | out}

Command Type

Router command.

Command Mode

Interface configuration: Matrix>Router(config-if(Vlan <vlan_id>))#

Matrix>Router(config)#access-list 101 deny ICMP any any

Matrix>Router(config)#access-list 102 deny TCP host 10.1.2.1 eq 42 any

ROUTER: This command can be executed when the device is in router mode only.

For details on how to enable router configuration modes, refer to Section 3.3.3.

access-list-number Specifies the number of the access list to be applied to the

access list. This is a decimal number from 1 to 199.

in Filters inbound packets.

out Filters outbound packets.