Configuring a mac acl – Dell POWEREDGE M1000E User Manual

Page 571


Configuring Access Control Lists


To configure the switch:

1 Create an ACL named list1 and configure a rule for the ACL that permits TCP packets whose source IP address matches 192.168.77.0/24 and whose destination IP address is 192.168.77.50.

console#config

console(config)#access-list list1 permit tcp 192.168.77.0 0.0.0.255 192.168.77.50 0.0.0.0

2 Define a rule that sets similar conditions for UDP traffic as for TCP traffic.

console(config)#access-list list1 permit udp 192.168.77.0 0.0.0.255 192.168.77.3 0.0.0.255

console(config)#exit

3 Apply the rule to inbound (ingress) traffic on Gigabit Ethernet Port 2. Only traffic matching the criteria will be accepted on this port.

console(config)#interface gi1/0/2

console(config-if-Gi1/0/2)#ip access-group list1 in

console(config-if-Gi1/0/2)#exit
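
The following Python sketch is an added example, not part of the Dell manual: it evaluates the two list1 rules above against constructed packets to show which addresses the wildcard masks select. The function names and sample packets are assumptions made for illustration. Note that the 0.0.0.255 destination wildcard in the UDP rule matches any host in 192.168.77.0/24, not only 192.168.77.3.

```python
import ipaddress

# Rules of list1 as configured above:
# (action, protocol, source, source wildcard, destination, destination wildcard)
LIST1 = [
    ("permit", "tcp", "192.168.77.0", "0.0.0.255", "192.168.77.50", "0.0.0.0"),
    ("permit", "udp", "192.168.77.0", "0.0.0.255", "192.168.77.3", "0.0.0.255"),
]


def wildcard_match(addr, base, wildcard):
    """True when addr equals base in every bit where the wildcard bit is 0.

    A wildcard bit of 1 means "ignore this bit", the inverse of a netmask.
    """
    care = ~int(ipaddress.IPv4Address(wildcard)) & 0xFFFFFFFF
    a = int(ipaddress.IPv4Address(addr))
    b = int(ipaddress.IPv4Address(base))
    return (a & care) == (b & care)


def evaluate(acl, proto, src, dst):
    """Check rules in order; a packet that matches no rule is denied."""
    for action, r_proto, s, s_wild, d, d_wild in acl:
        if (r_proto == proto
                and wildcard_match(src, s, s_wild)
                and wildcard_match(dst, d, d_wild)):
            return action
    return "deny"  # only traffic matching the criteria is accepted


# Constructed sample packets: (protocol, source, destination)
SAMPLES = [
    ("tcp", "192.168.77.10", "192.168.77.50"),   # exact host match
    ("tcp", "192.168.77.10", "192.168.77.51"),   # 0.0.0.0 wildcard: wrong host
    ("udp", "192.168.77.10", "192.168.77.200"),  # 0.0.0.255 ignores last octet
    ("udp", "192.168.78.10", "192.168.77.3"),    # source outside 192.168.77.0/24
    ("icmp", "192.168.77.10", "192.168.77.50"),  # no rule for this protocol
]

if __name__ == "__main__":
    for proto, src, dst in SAMPLES:
        print(f"{proto:4} {src:15} -> {dst:15} {evaluate(LIST1, proto, src, dst)}")
```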

Configuring a MAC ACL

The following example creates a MAC ACL named mac1 that denies all IPX traffic on all ports. All other types of traffic are permitted.

To configure the switch:

1 Create a MAC Access List named mac1.

console#config

console(config)#mac access-list extended mac1

2 Configure a rule to deny all IPX traffic, regardless of the source or destination MAC address.

console(config-mac-access-list)#deny any any ipx

3 Configure a rule to permit all other types of traffic, regardless of the source or destination MAC address.

console(config-mac-access-list)#permit any any

console(config-mac-access-list)#exit

4 Bind the ACL to all ports.
