- 396 -
This command specified in 'Interface Config' mode only affects a single interface, whereas the 'Global
Config' mode setting is applied to all interfaces. The VLAN keyword is only valid in the 'Global Config'
mode.
Syntax
ip access-group {<1- 199> | <name>} [vlan <vlan-id>] in [<1-4294967295>]
no ip access-group {<1-199> | <name>} [vlan <vlan-id>] in
<1- 199> The identifier of this ACL.
<name> The name of this ACL.
<vlan-id> The associated VLAN ID of this ACL.
<1-4294967295> The sequence number of this ACL.
no - This command removes a ACL by identifier or name from the interface or vlan in a given
direction.
Default Setting
None
Command Mode
Global Config
Interface Config
7.22.2.8 ip access-list
Use this command to create an extended IP Access Control List (ACL) identified by <name>, consisting
of classification fields defined for the IP header of an IPv4 frame. The <name> parameter is a
case-sensitive alphanumeric string from 1 to 31 characters uniquely identifying the IP access list.
If an IP ACL by this name already exists, this command enters IPv4-Access_List config mode to allow
updating the existing IP ACL.
The CLI mode changes to IPv4-Access-List Configuration mode when you successfully execute this
command.
Syntax
Ip access-list <name>
no ip access-list <name>
no - This command removes the IP ACL identified by <name> from the system.
Default Setting