Comtrol ES9528-XT User Guide User Manual

RocketLinx ES9528 and ES9528-XT User Guide: 2000508 Rev. G

Security (CLI) - 173

Configuration Using the Command Line Interface (CLI)

Port Security (Continued)

Add IP Extended access
list

Switch(config)# ip access-list extended

<100-199> Extended IP access-list number

<2000-2699> Extended IP access-list number (expanded range)

WORD access-list name

Switch(config)# ip access-list extended 100

Switch(config-ext-acl)#

deny Specify packets to reject

permit Specify packets to forward

end End current mode and down to previous mode

exit Exit current mode and down to previous mode

list Print command list

no Negate a command or set its defaults

quit Exit current mode and down to previous mode

remark Access list entry comment

Example 1: Edit MAC
access list

Switch(config-ext-macl)#permit

MACADDR Source MAC address xxxx.xxxx.xxxx

any any source MAC address

host A single source host

Switch(config-ext-macl)#permit host

MACADDR Source MAC address xxxx.xxxx.xxxx

Switch(config-ext-macl)#permit host 00C0.4e33.2233

MACADDR Destination MAC address xxxx.xxxx.xxxx

any any destination MAC address

host A single destination host

Switch(config-ext-macl)#permit host 00C0.4e33.2233 host

MACADDR Destination MAC address xxxx.xxxx.xxxx

Switch(config-ext-macl)#permit host 00C0.4e33.2233 host

00C0.4e33.2234

[IFNAME] Egress interface name

Switch(config-ext-macl)#permit host 00C0.4e33.2233 host

00c01.4e33.2234 gi25

MAC Rule

: Permit/Deny wildcard Source_MAC wildcard Dest_MAC

Egress_Interface.