Access-group, Access-group 8 – Allied Telesis AT-8100 Series User Manual
Page 1568
Chapter 99: ACL Commands
1568
ACCESS-GROUP
Syntax
access-group
id_number
access-group
id_number|list_name
Parameters
id_number
Specifies the ID number of an access control list you want to add
to a port. The range is 3000 to 3699. You can add one ACL to a
port at a time with this command.
list_name
Specifies Named IP ACL. You can add one ACL to a port at a time
with this command.
Mode
Port Interface mode
Description
Use this command to add IP ACLs to ports on the switch. Ports begin to
filter packets as soon as they are assigned ACLs. This command works
for all ACLs, except for MAC address ACLs, which are added to ports with
the MAC ACCESS-GROUP command. See “MAC ACCESS-GROUP” on
page 1633.
Note
If a port is to have both permit and deny ACLs, you must add the
permit ACLs first because ingress packets are compared against the
ACLs in the order in which they are added to a port. If you add the
deny ACLs before the permit ACLs, a port is likely to block traffic you
want it to forward.
Use the no version of this command, NO ACCESS-GROUP, to remove IP
ACL from a port on the switch.
Confirmation Command