Cisco Cisco IOS Software Release 12.4(2)XB6 Références techniques
6
12.4(15)XR2
Command Reference for Cisco PDSN Release 4.0 in IOS Release 12.4(15)XR
access list
To configure the access list mechanism for filtering frames by protocol type or vendor code, use the
access-list global configuration command. Use the no form of this command to remove the single
specified entry from the access list.
access-list global configuration command. Use the no form of this command to remove the single
specified entry from the access list.
access-list access-list-number {permit | deny} {type-code wild-mask | address mask}
no access-list access-list-number {permit | deny} {type-code wild-mask | address mask}
Syntax Description
Defaults
No numbered encryption access lists are defined, and therefore no traffic will be encrypted/decrypted.
After being defined, all encryption access lists contain an implicit “deny” (“do not encrypt/decrypt”)
statement at the end of the list.
After being defined, all encryption access lists contain an implicit “deny” (“do not encrypt/decrypt”)
statement at the end of the list.
Command Modes
Global configuration
Command History
access-list-number
Integer that identifies the access list. If the type-code wild-mask arguments
are included, this integer ranges from 200 to 299, indicating that filtering is
by protocol type. If the address and mask arguments are included, this
integer ranges from 700 to 799, indicating that filtering is by vendor code.
are included, this integer ranges from 200 to 299, indicating that filtering is
by protocol type. If the address and mask arguments are included, this
integer ranges from 700 to 799, indicating that filtering is by vendor code.
permit
Permits the frame.
deny
Denies the frame.
type-code
16-bit hexadecimal number written with a leading 0x; for example, 0x6000.
Specify either a Link Service Access Point (LSAP) type code for
802-encapsulated packets or a SNAP type code for SNAP-encapsulated
packets. (LSAP, sometimes called SAP, refers to the type codes found in the
DSAP and SSAP fields of the 802 header.)
Specify either a Link Service Access Point (LSAP) type code for
802-encapsulated packets or a SNAP type code for SNAP-encapsulated
packets. (LSAP, sometimes called SAP, refers to the type codes found in the
DSAP and SSAP fields of the 802 header.)
wild-mask
16-bit hexadecimal number whose ones bits correspond to bits in the
type-code argument. The wild-mask indicates which bits in the type-code
argument should be ignored when making a comparison. (A mask for a
DSAP/SSAP pair should always be 0x0101 because these two bits are used
for purposes other than identifying the SAP code.)
type-code argument. The wild-mask indicates which bits in the type-code
argument should be ignored when making a comparison. (A mask for a
DSAP/SSAP pair should always be 0x0101 because these two bits are used
for purposes other than identifying the SAP code.)
address
48-bit Token Ring address written in dotted triplet form. This field is used
for filtering by vendor code.
for filtering by vendor code.
mask
48-bit Token Ring address written in dotted triplet form. The ones bits in
mask are the bits to be ignored in address. This field is used for filtering by
vendor code.
mask are the bits to be ignored in address. This field is used for filtering by
vendor code.
Release
Modification
11.2
This command was introduced.