Asante Technologies 3724PWR Switch User Manual


 
6.3.3 Applying an Access List to an Interface
After creating your access lists, you can choose the interfaces to which they will be applied. If no interfaces are explicitly selected, the access list is applied to all interfaces.
To select the interfaces for an access list, use the following command:
Command                                  Purpose
access-list name acl1 set portlist ……    Select the interfaces to which the access list ‘acl1’ will be applied
In the next example, we create an extended access list that allows only SMTP-bound traffic (port 25) to be forwarded on port 7 and denies all other traffic.
Switch(Config)# access-list name acl_tcp_dst_smtp add priority 1
Switch(Config)# access-list name acl_tcp_dst_smtp set ip-mode l4port dst-port from 25 to 25
Switch(Config)# access-list name acl_tcp_dst_smtp set portlist 7
Switch(Config)# access-list name acl_tcp_dst_smtp action permit
Switch(Config)# access-list name acl_deny_all add priority 2
Switch(Config)# access-list name acl_deny_all set ip-mode l4port dst-port from 25 to 25
Switch(Config)# access-list name acl_deny_all set mac-mode macsa 00-00-94-12-34-56 00-00-00-00-00
Switch(Config)# access-list name acl_deny_all action deny
6.3.4 Enabling an Access List
To enable a configured access list, use the command below. All of the examples above require the ‘enable’ command to be executed before the access lists take effect.
Command                             Purpose
access-list name acl_name enable    Enable the access list named ‘acl_name’.
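Sections 6.3.3 and 6.3.4 state two conditions that are easy to miss when reviewing a saved configuration session: a list with no portlist applies to all interfaces, and a list has no effect until it is enabled. The Python script below is an added example, not part of the Asante manual; it checks a command transcript for both conditions. The function names and the transcript (the commands from the example above plus one constructed ‘enable’ line) are assumptions.

```python
import re

# Constructed transcript: the commands from the example in 6.3.3, followed by
# an 'enable' line (added here) for only one of the two lists.
SAMPLE = """\
Switch(Config)# access-list name acl_tcp_dst_smtp add priority 1
Switch(Config)# access-list name acl_tcp_dst_smtp set ip-mode l4port dst-port from 25 to 25
Switch(Config)# access-list name acl_tcp_dst_smtp set portlist 7
Switch(Config)# access-list name acl_tcp_dst_smtp action permit
Switch(Config)# access-list name acl_deny_all add priority 2
Switch(Config)# access-list name acl_deny_all set ip-mode l4port dst-port from 25 to 25
Switch(Config)# access-list name acl_deny_all set mac-mode macsa 00-00-94-12-34-56 00-00-00-00-00
Switch(Config)# access-list name acl_deny_all action deny
Switch(Config)# access-list name acl_tcp_dst_smtp enable
"""

LINE = re.compile(r"access-list name (\S+) (.+)$")

def parse(transcript):
    """Collect per-list state from 'access-list name <list> ...' lines."""
    acls = {}
    for raw in transcript.splitlines():
        m = LINE.search(raw.strip())
        if not m:
            continue  # prompt noise or unrelated commands
        name, rest = m.group(1), m.group(2).split()
        acl = acls.setdefault(name, {"portlist": None, "action": None,
                                     "enabled": False})
        if rest[:2] == ["set", "portlist"] and len(rest) > 2:
            acl["portlist"] = " ".join(rest[2:])  # kept as typed, not interpreted
        elif rest[0] == "action" and len(rest) > 1:
            acl["action"] = rest[1]
        elif rest == ["enable"]:
            acl["enabled"] = True
    return acls

def audit(transcript):
    """Return (list_name, finding) pairs for the conditions in 6.3.3 and 6.3.4."""
    findings = []
    for name, acl in parse(transcript).items():
        if acl["portlist"] is None:
            findings.append((name, "no portlist: applies to all interfaces"))
        if not acl["enabled"]:
            findings.append((name, "not enabled: not in effect"))
    return findings

if __name__ == "__main__":
    for name, finding in audit(SAMPLE):
        print(f"{name}: {finding}")
```

On the sample transcript, both findings are reported for acl_deny_all and none for acl_tcp_dst_smtp.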