Creating named ipv4 address acls, Ble 169. numbered mac acl example 1 – Allied Telesis AT-8100 Series User Manual

Page 1541

Advertising
background image

AT-8100 Switch Command Line User’s Guide

1541

The example in Table 169 configures port 19 to reject packets containing
destination MAC addresses starting with A4:54:86:12:

Creating Named

IPv4 Address

ACLs

The Named IPv4 address ACLs are created with the IP ACCESS-LIST
commands. The Named IP ACL with the IP ACCESS-LIST command
automatically places you in the IP ACL mode where you can add the filter
as well as the source and destination IPv4 addresses. Also, you can
assign the ACL to a VLAN.

There are seven commands for creating Named IPv4 ACLs. The IP
ACCESS-LIST command allows you to create a Named IPv4 ACL and
enters the IP ACL command mode. After you enter the IP ACL mode, you
can enter the remaining six commands which provide one command for
each filtering criterion. The commands are listed in Table 170.

Table 169. Numbered MAC ACL Example

Command

Description

awplus> enable

Enter the Privileged Executive mode from
the User Executive mode.

awplus# configure terminal

Enter the Global Configuration mode.

awplus(config)# access-list 4102
deny any a4:54:86:12:00:00
00:00:00:00:ff:ff

Define ACL 4012 to deny any frame with the
destination MAC address that starts with
a4:54:86:12.

awplus(config)# interface port1.0.19

Access the Port Interface mode for port 19.

awplus(config_if)# mac access-group
4102

Apply the ACL to the port.

Table 170. IP ACCESS-LIST Commands for Creating Named IPv4 ACLs

To Do This Task

Use this Command

Create a Named IPv4 Address ACL and
enter the IP ACL command mode.

IP ACCESS-LIST

name

Define a Named IPv4 Address ACL that
filters ICMP packets.

action

icmp

scr_ipaddress

dest_ipaddres

time-range

[vlan

vid

]

Define a Named IPv4 Address ACL that
filters IP packets based on source and
destination IP addresses.

action

ip

scr_ipaddress

dest_ipaddress

time-range

[vlan

vid

]

Define a Named IPv4 Address ACL that
filters packets based on source and
destination MAC addresses.

action scr_mac_address
dest_mac_address

time-range

[vlan

vid

]

Advertising
Popular Brands
Popular manuals