Cisco Systems OL-5650-02 Switch User Manual


 
Chapter 1 Controlling CSS Access
Controlling CSS Network Traffic Through Access Control Lists
Cisco Content Services Switch Security Configuration Guide
For example, you apply ACL 7 to VLAN1 and then globally enable ACLs on the
CSS. At a later time, to add a new clause to ACL 7 and to have the clause take
effect on the CSS, enter:
(config-acl[7])# clause 200 permit any any destination any
(config-acl[7])# apply circuit-(VLAN1)
Deleting a Clause
To modify an existing clause, you must delete it from the ACL and then re-add
it. To delete a clause, use the no clause command. For example, to delete clause
6, enter:
(config-acl[7])# no clause 6
When ACLs are applied to a circuit and enabled on a CSS, the CSS considers them
in use. You cannot delete a clause from an ACL in use. To delete the clause,
remove its applied ACL from the circuit, delete the clause, and then reapply the
ACL to the circuit.
For example, to delete clause 6 from ACL 7 on circuit VLAN1:
1. In ACL mode, remove ACL 7 from the circuit VLAN1. Enter:
(config-acl[7])# remove circuit-(VLAN1)
2. Delete clause 6. Enter:
(config-acl[7])# no clause 6
3. Reapply ACL 7 to circuit VLAN1. Enter:
(config-acl[7])# apply circuit-(VLAN1)