Ip access-group – Dell POWEREDGE M1000E User Manual

Page 213

Advertising
background image

2-183

Cisco Catalyst Blade Switch 3130 and 3032 for Dell Command Reference

OL-13271-03

Chapter 2 Cisco Catalyst Blade Switch 3130 and 3032 for Dell Cisco IOS Commands

ip access-group

ip access-group

Use the ip access-group interface configuration command on the switch stack or on a standalone switch
to control access to a Layer 2 or Layer 3 interface. Use the no form of this command to remove all access
groups or the specified access group from the interface.

ip access-group {access-list-number | name} {in | out}

no ip access-group [access-list-number | name] {in | out}

Syntax Description

Defaults

No access list is applied to the interface.

Command Modes

Interface configuration

Command History

Usage Guidelines

You can apply named or numbered standard or extended IP access lists to an interface. To define an
access list by name, use the ip access-list global configuration command. To define a numbered access
list, use the access list global configuration command. You can used numbered standard access lists
ranging from 1 to 99 and 1300 to 1999 or extended access lists ranging from 100 to 199 and 2000 to
2699.

You can use this command to apply an access list to a Layer 2 or Layer 3 interface. However, note these
limitations for Layer 2 interfaces (port ACLs):

You can only apply ACLs in the inbound direction; the out keyword is not supported for Layer 2
interfaces.

You can only apply one IP ACL and one MAC ACL per interface.

Layer 2 interfaces Port ACLs do not support logging; if the log keyword is specified in the IP ACL,
it is ignored.

An IP ACL applied to a Layer 2 interface only filters IP packets. To filter non-IP packets, use the
mac access-group interface configuration command with MAC extended ACLs.

access-list-number

The number of the IP access control list (ACL). The range is 1 to 199 or
1300 to 2699.

name

The name of an IP ACL, specified in the ip access-list global configuration
command.

in

Specify filtering on inbound packets.

out

Specify filtering on outbound packets. This keyword is valid only on
Layer 3 interfaces.

Release

Modification

12.2(40)EX1

This command was introduced.

Advertising
Popular Brands
Popular manuals