22-8
Cisco Systems Intelligent Gigabit Ethernet Switch Modules for the IBM BladeCenter, Software Configuration Guide
24R9746
Chapter 22 Configuring Network Security with ACLs
Configuring ACLs
Note In addition to numbered standard and extended ACLs, you can also create named standard and extended
IP ACLs by using the supported numbers. That is, the name of a standard IP ACL can be 1 to 99; the
name of an extended IP ACL can be 100 to 199. The advantage of using named ACLs instead of
numbered lists is that you can delete individual entries from a named list.
Creating a Numbered Standard ACL
Note For information about creating ACLs to apply to a management interface, see the “Configuring IP
Services” section of the Cisco IOS IP and IP Routing Configuration Guide, Cisco IOS Release 12.1 and
the Cisco IOS IP and IP Routing Command Reference, Cisco IOS Release 12.1. You can these apply
these ACLs only to a management interface.
Beginning in privileged EXEC mode, follow these steps to create a numbered standard IP ACL:
1200–1299 IPX summary address access list No
1300–1999 IP standard access list (expanded range) Yes
2000–2699 IP extended access list (expanded range) Yes
Table 22-2 Access List Numbers (continued)
ACL Number Type Supported
Command Purpose
Step 1
configure terminal Enter global configuration mode.
Step 2
access-list access-list-number {deny | permit |
remark} {source source-wildcard | host source
| any}
Define a standard IP ACL by using a source address and wildcard.
The access-list-number is a decimal number from 1 to 99 or 1300
to 1999.
Enter deny or permit to specify whether to deny or permit access
if conditions are matched.
The source is the source address of the network or host from which
the packet is being sent:
• The 32-bit quantity in dotted-decimal format.
• The keyword any as an abbreviation for source and
source-wildcard of 0.0.0.0 255.255.255.255. You do not need
to enter a source wildcard.
• The keyword host as an abbreviation for source and
source-wildcard of source 0.0.0.0.
(Optional) The source-wildcard applies wildcard bits to the
source. (See first bullet item.)
Note The log option is not supported on the switches.
Step 3
end Return to privileged EXEC mode.