Access-group, Access-group 3 – Allied Telesis AT-9000 Series User Manual
Page 1231
AT-9000 Switch Command Line User’s Guide
1203
ACCESS-GROUP
Syntax
access-group
id_number
Parameters
id_number
Specifies the ID number of an access control list you want to add to
a port. The range is 3000 to 3699. You can add one ACL to a port
at a time with this command.
Mode
Port Interface mode
Description
Use this command to add IP ACLs to ports on the switch. Ports begin to
filter packets as soon as they are assigned ACLs. This command works for
all ACLs, except for MAC address ACLs, which are added to ports with the
MAC ACCESS-GROUP command. See “MAC ACCESS-GROUP” on
page 1228.
Note
If a port is to have both permit and deny ACLs, you must add the
permit ACLs first because ingress packets are compared against the
ACLs in the order in which they are added to a port. If you add the
deny ACLs before the permit ACLs, a port is likely to block traffic you
want it to forward.
Use the no version of this command, NO ACCESS-GROUP, to remove IP
ACL from a port on the switch.
Confirmation Command