Assigning named ipv4 acls, Assigning named ipv4 acls example 7 – Allied Telesis AT-8100 Series User Manual

AT-8100 Switch Command Line User’s Guide

1547

Assigning Named

IPv4 ACLs

To assign a Named IPv4 ACL to a port on the switch, use the ACCESS-
GROUP command in the Port Interface mode. Before you can assign an
ACL to a port, you must create the ACL on the switch. You can add
one ACL at a time to a port with the IP ACCESS-GROUP command. This
is the format of the command:

access-group

list_name

For more information about this command, see “ACCESS-GROUP” on
page 1568.

This example creates a Named IPv4 ACL, called “udpdeny”, that denies
UDP packets from IPv4 source address 190.155.0.0/16 to IPv4 destination
address 190.155.22.3/32. See Table 177. Then the ACCESS-GROUP
command assigns “udpdeny” to port 20:

awplus(config)# interface
port1.0.7

Move to the Port Interface mode for port 7.

awplus(config_if)# mac access-
group 4025

Apply the ACL to the port with the ACCESS-
GROUP command.

awplus(config_if)# mac access-
group 4055

Apply the ACL to the port with the ACCESS-
GROUP command.

Table 176. Assigning MAC Address ACLs Example (Continued)

Command

Description

Table 177. Assigning Named IPv4 ACLs Example

Command

Description

awplus> enable

Enter the Privileged Executive mode from
the User Executive mode.

awplus# configure terminal

Enter the Global Configuration mode.

awplus(config)# ip access-list
udpdeny

Create the deny ACL.

awplus(config-ip-acl)# deny
udp 190.155.0.0/16
190.155.22.3/32

Assign filter criterion to the deny ACL.

awplus(config-ip-acl)# exit

Exit the IP ACL mode.

awplus(config)# interface
port1.0.20

Move to the Port Interface mode for port 20.

awplus(config_if)# access-
group udpdeny

Apply the ACL to the port with the ACCESS-
GROUP command.