10-74
IPv4 Access Control Lists (ACLs)
Configuring Extended ACLs
HP Switch(config)# ip access-list extended Extended-List-02
HP Switch(config-ext-nacl)# permit tcp host 10.10.20.100 host 10.10.30.55 eq ftp
HP Switch(config-ext-nacl)# deny tcp 10.10.20.1/24 any eq ftp log
HP Switch(config-ext-nacl)# permit ip any any
HP Switch(config-ext-nacl)# exit
HP Switch(config)# vlan 20 ip access-group Extended-List-02 in
HP Switch(config)# ip access-list extended Extended-List-01
HP Switch(config-ext-nacl)# permit tcp host 10.10.10.44 host 10.10.20.78 eq telnet
HP Switch(config-ext-nacl)# deny ip 10.10.10.1/24 10.10.20.1/24
HP Switch(config-ext-nacl)# permit ip any any
HP Switch(config-ext-nacl)# exit
HP Switch(config)# vlan 10 ip access-group Extended-List-01 in
A (Refer to figure 10-18 on page
B (Refer to figure 10-18 on page
Figure 10-19. Example of Configuration Commands for Extended ACLs

Configuring Numbered, Extended ACLs

This section describes the commands for performing the following in a
numbered, extended ACL:
■ creating the ACL by entering the first ACE in the list
■ appending a new ACE to the end of an existing ACL

For other IPv4 ACL topics, refer to the following:
Topic                                          Page
configuring named, standard ACLs               10-52
configuring numbered, standard ACLs            10-55
configuring named, extended ACLs               10-61
applying or removing an ACL on an interface    10-81
deleting an ACL                                10-85
editing an ACL                                 10-86
sequence numbering in ACLs                     10-87
including remarks in an ACL                    10-92
displaying ACL configuration data              10-97
creating or editing ACLs offline               10-107
enabling ACL “Deny” logging                    10-112
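
The following Python sketch is an added example, not part of the HP manual: it evaluates the two ACLs from Figure 10-19 top to bottom, first match wins, to show why each host permit has to sit above the subnet deny that would otherwise cover it. The function names and sample packets are constructed for illustration, and the parser handles only the ACE forms that appear in the figure.

```python
import ipaddress

PORTS = {"ftp": 21, "telnet": 23}  # port names used in the figure

def parse_addr(tokens):
    """Consume 'any', 'host A' or 'A/len' and return the network it covers."""
    word = tokens.pop(0)
    if word == "any":
        return ipaddress.ip_network("0.0.0.0/0")
    if word == "host":
        return ipaddress.ip_network(tokens.pop(0) + "/32")
    # The figure writes 10.10.20.1/24; strict=False drops the host bits.
    return ipaddress.ip_network(word, strict=False)

def parse_ace(line):
    """Parse only the ACE forms shown in the figure (eq = destination port)."""
    tokens = line.split()
    ace = {"action": tokens.pop(0), "proto": tokens.pop(0)}
    ace["src"], ace["dst"] = parse_addr(tokens), parse_addr(tokens)
    ace["port"] = PORTS[tokens[1]] if tokens[:1] == ["eq"] else None
    return ace

def evaluate(acl, proto, src, dst, dport=None):
    """Return (action, ACE position) for the first match, top to bottom."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for pos, ace in enumerate(acl, 1):
        if ace["proto"] not in ("ip", proto):
            continue
        if s not in ace["src"] or d not in ace["dst"]:
            continue
        if ace["port"] is not None and ace["port"] != dport:
            continue
        return ace["action"], pos
    return "deny", None  # implicit deny that ends every ACL

# ACE text copied from the figure; the packets below are constructed samples.
EXTENDED_LIST_02 = [parse_ace(line) for line in (
    "permit tcp host 10.10.20.100 host 10.10.30.55 eq ftp",
    "deny tcp 10.10.20.1/24 any eq ftp log",
    "permit ip any any")]
EXTENDED_LIST_01 = [parse_ace(line) for line in (
    "permit tcp host 10.10.10.44 host 10.10.20.78 eq telnet",
    "deny ip 10.10.10.1/24 10.10.20.1/24",
    "permit ip any any")]

if __name__ == "__main__":
    for pkt in [("tcp", "10.10.20.100", "10.10.30.55", 21),
                ("tcp", "10.10.20.7", "10.10.30.55", 21),
                ("tcp", "10.10.20.7", "10.10.30.55", 80)]:
        print(pkt, "->", evaluate(EXTENDED_LIST_02, *pkt))
```

Swapping the first two ACEs of either list makes the host permit unreachable, which is the ordering mistake this kind of check is meant to catch before an ACL is applied to a VLAN.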