Nortel 2350 用户指南
422 Configuring and managing security ACLs
NN47250-500 (320657-F Version 02.01)
Clearing security ACLs
The clear security acl command removes the ACL from the edit buffer only. To clear a security ACL, enter a specific
ACL name, or enter all to delete all security ACLs. To remove the security ACL from the running configuration and
nonvolatile storage, you must also use the commit security acl command.
ACL name, or enter all to delete all security ACLs. To remove the security ACL from the running configuration and
nonvolatile storage, you must also use the commit security acl command.
For example, the following command deletes acl-99 from the edit buffer:
WSS# clear security acl acl-99
To clear acl-99 from the configuration, type the following command:
WSS# commit security acl acl-99
success: change accepted
success: change accepted
Mapping security ACLs
An ACL does not take effect until you commit it and map it to a user or an interface.
User-based security ACLs are mapped to an IEEE 802.1X authenticated session during the AAA process. You can
specify that one of the authorization attributes returned during authentication is a named security ACL. The WSS maps
the named ACL automatically to the user’s authenticated session.
specify that one of the authorization attributes returned during authentication is a named security ACL. The WSS maps
the named ACL automatically to the user’s authenticated session.
Security ACLs can also be mapped statically to ports, VLANs, virtual ports, or Distributed APs. User-based ACLs are
processed before these ACLs, because they are more specific and closer to the network edge.
processed before these ACLs, because they are more specific and closer to the network edge.