Filter
Top Products
60
Intel
®
NetStructure™ 480T Routing Switch User Guide
The subnet mask specified in the access profile command is
interpreted as a reverse mask. A reverse mask indicates the bits that
are significant in the IP address and specifies the part of the address
that must match the IP address to which the profile is applied.
If you configure an IP address as an exact match to be specifically
denied or permitted, use a mask of /32 (for example, 141.251.24.28/
32).
If the IP address represents a subnet address that you want to deny
or permit, then configure the mask to cover only the subnet portion
(for example, 141.251.10.0/24).
If you are using classless subnet masking (CIDR), the same logic
applies, but the configuration is more complex. For example, the
address 141.251.24.128/27 represents any host from subnet
141.251.24.128.
configure access-profile <access_profile>
delete {vlan <name> | ipaddress
<ipaddress> <mask>}
Deletes an IP address or VLAN name from the
access profile.
configure access-profile <access_profile>
mode [permit | deny | none]
Configures the access profile to one of the
following:
permit—Allows the addresses that match the
access profile description.
deny—Denies the addresses that match the
access profile description.
The default setting is
permit.
create access-profile <access_profile> type
[as-path] [bgp-community] ipaddress |
ipxret | ipxnode | ipxsap
Creates an access profile. After the access
profile is created, you can add one or more
addresses to it, and you can use the profile to
control a specific routing protocol.
delete access-profile <access_profile> Deletes an access profile.
show access-profile <access_profile> Displays access profile related information for
the switch.
Table 5.7: Access Profile Configuration Commands (continued)
Command Description