Beginning in privileged EXEC mode, follow these steps to control access to an interface:
SUMMARY STEPS
1.
configure terminal
2.
interface interface-id
3.
ip access-group {access-list-number | name} {in | out}
4.
end
5.
show running-config
6.
copy running-config startup-config
DETAILED STEPS
PurposeCommand or Action
Enters the global configuration mode.configure terminal
Example:
Switch# configure terminal
Step 1
Identifies a specific interface for configuration, and enter
interface configuration mode.
interface interface-id
Example:
Switch(config)# interface gigabitethernet1/0/1
Step 2
The interface can be a Layer 2 interface (port ACL), or a
Layer 3 interface (router ACL).
Controls access to the specified interface.
ip access-group {access-list-number | name} {in | out}
Step 3
Example:
Switch(config-if)# ip access-group 2 in
The out keyword is not supported for Layer 2 interfaces
(port ACLs).
Returns to privileged EXEC mode.end
Example:
Switch(config-if)# end
Step 4
Displays the access list configuration.show running-config
Example:
Switch# show running-config
Step 5
(Optional) Saves your entries in the configuration file.copy running-config startup-config
Example:
Switch# copy running-config startup-config
Step 6
Catalyst 2960-XR Switch Security Configuration Guide, Cisco IOS Release 15.0(2)EX1
OL-29434-01 131
Configuring IPv4 ACLs
Applying an IPv4 ACL to an Interface
To Next Page
Loading...
Need help?
General