Filter
Top Products
AT-9000 Switch Command Line User’s Guide
1213
This example creates a deny access list, ID number 3095, that discards all
untagged ingress packets that have destination addresses in the
149.112.2.0 subnet, on ports 11 to 13:
awplus> enable
awplus# configure terminal
awplus(config)# access-list 3095 deny ip any
149.112.2.0/24
awplus(config)# interface port1.0.11-port1.0.13
awplus(config_if)# access-group 3095
awplus(config_if)# end
awplus# show access-list
awplus# show interface port1.0.11-port1.0.13 access-group
This example creates a deny access list, ID number 3202, that discards all
tagged ingress packets on port 24 that are from the 157.11.21.0 subnet
and are going to an end node with the IP address 157.11.21.45. The VID
of the tagged packets is 15:
awplus> enable
awplus# configure terminal
awplus(config)# access-list 3202 deny ip 157.11.21.0/24
157.11.21.45/32 vlan 15
awplus(config)# interface port1.0.24
awplus(config_if)# access-group 3202
awplus(config_if)# end
awplus# show access-list
awplus# show interface port1.0.24 access-group
This example is the same as the previous example, except the HOST
keyword is used to indicate the IP address of the destination node:
awplus> enable
awplus# configure terminal
awplus(config)# access-list 3202 deny ip 157.11.21.0/24 host
157.11.21.45 vlan 15
awplus(config)# interface port1.0.24
awplus(config_if)# access-group 3202
awplus(config_if)# end
awplus# show access-list
awplus# show interface port1.0.24 access-group