Enterasys Networks 1G58x-09 Manuel D’Utilisation
Security Configuration Command Set
Configuring Access Lists
14-96
Examples
This example shows how to define access list 101 to deny ICMP transmissions from any source and
for any destination:
for any destination:
This example shows how to define access list 102 to deny TCP packets transmitted from IP source
10.1.2.1 with a port number of 42 to any destination:
10.1.2.1 with a port number of 42 to any destination:
14.3.7.4 ip access-group
Use this command to apply access restrictions on an interface when operating in router mode.
ip access-group access-list-number {in | out}
Syntax Description
Command Syntax of the “no” Form
The “no” form of this command removes the specified access list:
no ip access-group access-list-number {in | out}
Command Type
Router command.
Command Mode
Interface configuration: Matrix>Router(config-if(Vlan <vlan_id>))#
Matrix>Router(config)#access-list 101 deny ICMP any any
Matrix>Router(config)#access-list 102 deny TCP host 10.1.2.1 eq 42 any
ROUTER: This command can be executed when the device is in router mode only.
For details on how to enable router configuration modes, refer to
For details on how to enable router configuration modes, refer to
access-list-number
Specifies the number of the access list to be applied to the
access list. This is a decimal number from 1 to 199.
access list. This is a decimal number from 1 to 199.
in
Filters inbound packets.
out
Filters outbound packets.