Security and authentication
11.5 Port Access Control List Locked Ports
SCALANCE XM-400/XR-500 Command Line Interface (CLI)
730 Configuration Manual, 11/2015, C79000-G8976-C252-10
Note
Subnet mask for individual hosts
If you create the rule for a single system (one IP address), you will need to specify the
subnet mask "255.255.255.255". As an alternative, you can specify the keyword "host"
followed by the IP address.
You delete the IP access control list with the no ip access-list standard <acl-num>
command.
You display the configuration of the access control list with the
show access-lists command.
Port Access Control List Locked Ports
With the Port Access Control List Locked Ports functionality, MAC addresses that do not age
are collected on a port after the start command. With the stop command, these addresses
are converted to static entries in the address list and the aging is reactivated for all the
addresses that follow.
If the learning of addresses on this port is then disabled, data packets are only forwarded to
the static addresses entered in the table.
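The sequence described above (start, stop, then disabling learning) can be followed in a small Python model. This is an added example, not device firmware or part of the original manual. The class and method names, the aging time of 300 seconds and the MAC addresses used with it are assumptions made for the illustration.

```python
# Model of the locked-ports behaviour described above (not device code).
from dataclasses import dataclass, field

AGING_TIME = 300  # seconds; assumed value for this model


@dataclass
class Entry:
    last_seen: float
    ages: bool = True      # False for addresses collected between start and stop
    static: bool = False


@dataclass
class LockedPort:          # hypothetical name, one instance per switch port
    learning: bool = True
    collecting: bool = False
    table: dict = field(default_factory=dict)

    def start(self):
        """'start': addresses learned from now on do not age."""
        self.collecting = True

    def stop(self):
        """'stop': collected addresses become static; later ones age again."""
        for entry in self.table.values():
            if not entry.ages:
                entry.static = True
        self.collecting = False

    def disable_learning(self):
        self.learning = False

    def see(self, mac, now):
        """A frame with source address `mac` arrives on the port at time `now`."""
        mac = mac.lower()
        if mac in self.table:
            self.table[mac].last_seen = now
        elif self.learning:
            self.table[mac] = Entry(last_seen=now, ages=not self.collecting)

    def expire(self, now):
        """Drop aging entries that have not been seen within AGING_TIME."""
        self.table = {m: e for m, e in self.table.items()
                      if not e.ages or now - e.last_seen <= AGING_TIME}

    def forwards_to(self, mac):
        """With learning disabled, only static addresses receive frames."""
        if self.learning:
            return True    # assumption: ordinary switching while learning is on
        entry = self.table.get(mac.lower())
        return bool(entry and entry.static)
```

An address first seen after stop is learned as an ordinary aging entry, so once learning is disabled it is not a forwarding target and it ages out like any other dynamic entry.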
This section describes commands relevant for the configuration of this function.
This section describes commands with which you display various settings.
show lock port
Description
This command shows whether or not the learning of MAC entries is enabled or locked on an
interface.
You are in the User EXEC mode or in the Privileged EXEC mode.
The command prompt is as follows:
cli> or cli#