3 access-list (extended), Access-list (extended) -92, Section 14.3.7.3 – Enterasys Networks 1G58x-09 User Manual

Security Configuration Command Set

Configuring Access Lists

14-92

Matrix E1 Series (1G58x-09 and 1H582-xx) Configuration Guide

Command Syntax of the “no” Form

The “no” form of this command removes the defined access list or entry:

no access-list access-list-number [entry]

Command Type

Router command.

Command Mode

Global configuration: Matrix>Router(config)#

Command Defaults

•

If insert, replace or move are not specified, the new entry will be appended to
the access list.

•

If source2 is not specified with move, only one entry will be moved.

Examples

This example shows how to allow access to only those hosts on the three specified networks. The
wildcard bits apply to the host portions of the network addresses. Any host with a source address
that does not match the access list statements will be rejected:

This example moves entry 16 to the beginning of ACL 144:

14.3.7.3 access-list (extended)

Use this command to define an extended IP access list by number when operating in router mode.
Restrictions defined by an access list are applied by using the ip access-group command as
described in

Section 14.3.7.4

.

access-list access-list-number [insert | replace entry] | [move destination source1
[source2]] {deny | permit} protocol source [source-wildcard] [operator [port]]
destination [destination-wildcard] [operator [port]] [icmp-type [icmp-code]
[established]

Matrix>Router(config)#access-list 1 permit 192.5.34.0 0.0.0.255

Matrix>Router(config)#access-list 1 permit 128.88.0.0 0.0.255.255

Matrix>Router(config)#access-list 1 permit 36.0.0.0 0.255.255.255

Matrix>Router(config)#access-list 144 move 1 16