Assigning mac address acls to a port, Assigning mac address acls to a port 6, Assigning numbered ipv4 acls 6 – Allied Telesis AT-8100 Series User Manual
Page 1546: Assigning mac address acls example 6
Chapter 98: Advanced Access Control Lists (ACLs)
1546
In this example, ports 12 and 13 are assigned an ACL, ID number 3075,
that blocks all untagged ingress packets with a destination address in the
149.107.22.0 subnet. See Table 175.
Assigning MAC
Address ACLs to
a Port
To assign a MAC ACL to a port on the switch, use the MAC ACCESS-
GROUP command in the Port Interface mode. Using this command, you
can add one MAC ACL to a port or several ports. The ACL must exist on
the switch. Here is the format of the command:
mac access-group
id_number
For more information about this command, see “MAC ACCESS-GROUP”
on page 1633.
This example creates two MAC ACLs with ID numbers of 4025 and 4055.
ACL 4025 permits only packets that have source MAC addresses starting
with “45:2A:B5:”. ACL 4055 denies all other MAC addresses. Then assign
both ACLs to port 7:
Table 175. Assigning Numbered IPv4 ACLs
Command
Description
awplus> enable
Enter the Privileged Executive mode from the
User Executive mode.
awplus# configure terminal
Enter the Global Configuration mode.
awplus(config)# access-list 3075
deny ip any 149.107.22.0/24
Create the deny ACL.
awplus(config)# interface
port1.0.12,port1.0.13
Enter the Port Interface mode for ports 12 and
13.
awplus(config_if)# access-group
3075
Apply the ACL to the ports with the ACCESS-
GROUP command.
Table 176. Assigning MAC Address ACLs Example
Command
Description
awplus> enable
Enter the Privileged Executive mode from the
User Executive mode.
awplus# configure terminal
Enter the Global Configuration mode.
awplus(config)# access-list
4025 permit 45:2a:b5:00:00:00
00:00:00:ff:ff:ff any
Create the permit ACL.
awplus(config)# access-list
4055 deny any any
Create the deny ACL.