Filter
Top Products
388 CHAPTER 19: CONFIGURING AND MANAGING SECURITY ACLS
ACLs do not take effect until you map them to something (a user, Distributed
MAP, VLAN, port, or virtual port). To map an ACL, see “Mapping Security
ACLs” on page 390. To display the mapped ACLs, use the display security
acl command, without the editbuffer or info option.
Viewing the Edit Buffer
The edit buffer enables you to view the security ACLs you create before
committing them to the configuration. To view a summary of the ACLs in
the edit buffer, type the following command:
WX1200# display security acl editbuffer
ACL edit-buffer table
ACL Type Status
-------------------------------- ---- -------------
acl-99 IP Not committed
acl-blue IP Not committed
acl-violet IP Not committed
Viewing Committed Security ACLs
To view a summary of the committed security ACLs in the configuration,
type the following command:
WX1200# display security acl
ACL table
ACL Type Class Mapping
-------------------------------- ---- ------ -------
acl-2 IP Static
acl-3 IP Static
acl-4 IP Static
Viewing Security ACL Details
You can display the contents of one or all security ACLs that are
committed. To display the contents of all committed security ACLs, type
the following command:
WX1200# display security acl info
ACL information for all
set security acl ip acl-999 (hits #2 0)
----------------------------------------------------
1. deny IP source IP 192.168.0.1 0.0.0.0 destination IP any
2. permit IP source IP 192.168.0.2 0.0.0.0 destination IP any enable-hits
set security acl ip acl-2 (hits #1 0)
----------------------------------------------------
1. permit L4 Protocol 115 source IP 192.168.1.11 0.0.0.0 destination IP
192.168.1.15 0.0.0.0 precedence 0 tos 0 enable-hits