Enterasys Networks N Standalone (NSA) Series Switch User Manual


 
Security Configuration Command Set
Configuring Access Lists
Matrix NSA Series Configuration Guide 14-167
log (Optional) Enable the rule being configured for syslog.
Command Syntax of the “no” Form
The “no” form of this command removes the defined access list or entry:
no access-list access-list-number [entry]
Command Type
Router command.
Command Mode
Global configuration: Matrix>Router1(config)#
Command Defaults
If insert, replace, or move are not specified, the new entry will be appended to the access list.
If source2 is not specified with move, only one entry will be moved.
If icmp-type and icmp-code are not specified, ICMP parameters will be applied to all ICMP message types.
If operator and port are not specified, access parameters will be applied to all TCP or UDP ports.
Examples
This example shows how to define access list 101 to deny ICMP transmissions from any source and for any destination:
Matrix>Router1(config)#access-list 101 deny ICMP any any
This example shows how to define access list 102 to deny TCP packets transmitted from IP source 10.1.2.1 with a port number of 42 to any destination:
Matrix>Router1(config)#access-list 102 deny TCP host 10.1.2.1 eq 42 any
This example shows how to define access list 101 to deny TCP packets transmitted from any IP source port with the precedence field set to a value of 3 and the tos field set to a value of 4:
Matrix>Router1(config)#access-list 101 deny tcp any precedence 3 tos 4
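The following audit script is an added example, not part of the manual: it parses appended access-list entries from a saved configuration and reports where the Command Defaults widen a rule (all ICMP message types, all TCP or UDP ports) and which rules lack the log keyword. The operator keywords other than eq and the "address wildcard" form are assumptions, and parse_entry and audit are hypothetical names.

```python
# Constructed sample: the three entries from the examples above.
SAMPLE_CONFIG = """\
access-list 101 deny ICMP any any
access-list 102 deny TCP host 10.1.2.1 eq 42 any
access-list 101 deny tcp any precedence 3 tos 4
"""

# Assumption: only "eq" appears on this page; the other keywords are assumed.
OPERATORS = {"eq", "neq", "gt", "lt", "range"}

def parse_entry(line):
    """Parse an appended entry; return None for any other line
    (including the insert, replace and move forms)."""
    tok = line.split()
    if (len(tok) < 4 or tok[0] != "access-list" or not tok[1].isdigit()
            or tok[2].lower() not in ("permit", "deny")):
        return None
    entry = {"acl": int(tok[1]), "action": tok[2].lower(),
             "protocol": tok[3].lower(), "ports": [], "icmp": [], "log": False}
    rest, i = tok[4:], 0
    while i < len(rest):
        t = rest[i].lower()
        if t == "log":
            entry["log"], i = True, i + 1
        elif t in ("precedence", "tos"):
            entry[t], i = " ".join(rest[i + 1:i + 2]), i + 2
        elif t in OPERATORS:                 # operator port [port]
            n = 3 if t == "range" else 2
            entry["ports"].append(" ".join(rest[i:i + n]))
            i += n
        elif t == "any":
            i += 1
        elif t.isdigit():                    # bare number: icmp-type / icmp-code
            entry["icmp"].append(int(t))
            i += 1
        else:                                # "host addr" or assumed "addr wildcard"
            i += 2
    return entry

def audit(config):
    """Return (acl, note) pairs describing each rule's effective scope."""
    notes = []
    for e in filter(None, map(parse_entry, config.splitlines())):
        if e["protocol"] == "icmp" and not e["icmp"]:
            notes.append((e["acl"], "applies to all ICMP message types"))
        if e["protocol"] in ("tcp", "udp") and not e["ports"]:
            notes.append((e["acl"], "applies to all TCP or UDP ports"))
        if not e["log"]:
            notes.append((e["acl"], "not enabled for syslog"))
    return notes
```

Run audit() over the access-list lines of a saved configuration; an empty result means every parsed rule is scoped explicitly and logged.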