3 mac access-group in, 4 mac access-list – Fortinet 548B User Manual

Page 393

Advertising
background image

- 393 -

<newname> - New name which uniquely identifies the MAC access list.

Default Setting

None

Command Mode

Global Config

7.22.2.3 mac access-group in

This command attaches a specific MAC Access Control List (ACL) identified by <name> to an

interface, or associates it with a VLAN ID, in a given direction. The <name> parameter must be the name
of an exsiting MAC ACL.

An optional sequence number may be specified to indicate the order of this access list relative to other
access lists already assigned to this interface and direction. A lower number indicates higher
precedence order. If a sequence number is already in use for this interface and direction, the specified
access list replaces the currently attached access list using that sequence number. If the sequence
number is not specified for this command, a sequence number that is one greater than the highest
sequence number currently in use for this interface and direction will be used.

This command specified in 'Interface Config' mode only affects a single interface, whereas the 'Global
Config' mode setting is applied to all interfaces. The 'Interface Config' mode command is only available
on platforms that support independent per-port class of service queue configuration. The VLAN keyword
is only valid in the 'Global Config' mode.

Syntax

mac access-group <name> [vlan <vlan-id>] in [<1-4294967295>]
no mac access-group <name> [vlan <vlan-id>] in

<no> - This command removes a MAC ACL identified by <name> from the interface or vlan in a
given direction.

Default Setting

None

Command Mode

Global Config

Interface Config

7.22.2.4 mac access-list

This command creates a new rule for the current MAC access list. Each rule is appended to the list of
configured rules for the list. Note that an implicit 'deny all' MAC rule always terminates the access list.
Note: The 'no' form of this command is not supported, as the rules within an ACL cannot be deleted
individually. Rather, the entire ACL must be deleted and re-specified.

Advertising
Popular Brands
Popular manuals