
Applying an IPv4 ACL to a Terminal Line; Applying an IPv4 ACL to an Interface - Cisco IE 3000 Software Configuration Manual


Configuring IPv4 ACLs
For an entry in a named IP ACL, use the remark access-list configuration command. To remove the
remark, use the no form of this command.
In this example, the Jones subnet is not allowed to use outbound Telnet:
Switch(config)# ip access-list extended telnetting
Switch(config-ext-nacl)# remark Do not allow Jones subnet to telnet out
Switch(config-ext-nacl)# deny tcp host 171.69.2.88 any eq telnet

Applying an IPv4 ACL to a Terminal Line

You can use numbered ACLs to control access to one or more terminal lines. You cannot apply named
ACLs to lines. You must set identical restrictions on all the virtual terminal lines because a user can
attempt to connect to any of them.
For procedures for applying ACLs to interfaces, see the "Applying an IPv4 ACL to an Interface" section
on page 30-16.
Beginning in privileged EXEC mode, follow these steps to restrict incoming and outgoing connections
between a virtual terminal line and the addresses in an ACL:

Step 1
Command: configure terminal
Purpose: Enter global configuration mode.

Step 2
Command: line [console | vty] line-number
Purpose: Identify a specific line to configure, and enter in-line configuration mode.
  - console—Specify the console terminal line. The console port is DCE.
  - vty—Specify a virtual terminal for remote console access.
  The line-number is the first line number in a contiguous group that you want
  to configure when the line type is specified. The range is from 0 to 16.

Step 3
Command: access-class access-list-number {in | out}
Purpose: Restrict incoming and outgoing connections between a particular virtual
  terminal line (into a device) and the addresses in an access list.

Step 4
Command: end
Purpose: Return to privileged EXEC mode.

Step 5
Command: show running-config
Purpose: Display the access list configuration.

Step 6
Command: copy running-config startup-config
Purpose: (Optional) Save your entries in the configuration file.

To remove an ACL from a terminal line, use the no access-class access-list-number {in | out} line
configuration command.

Applying an IPv4 ACL to an Interface

This section describes how to apply IPv4 ACLs to network interfaces. Note these guidelines:
  - Apply an ACL only to inbound Layer 2 interfaces.
  - When controlling access to an interface, you can use a named or numbered ACL.

Cisco IE 3000 Switch Software Configuration Guide, OL-13018-01, Chapter 30, Configuring Network Security with ACLs, page 30-16
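
The following check for the terminal-line procedure is an added example, not part of the Cisco manual: it reads show running-config output (Step 5) and reports vty lines that have no access-class or that use different ACLs, because the restrictions must be identical on all virtual terminal lines. The sample configuration, ACL number 12, and the function names are constructed for illustration.

```python
import re

# Constructed `show running-config` excerpt (not from the manual): vty 0-4 is
# restricted by numbered ACL 12, vty 5-15 was left without an access-class.
SAMPLE_CONFIG = """\
access-list 12 permit 192.168.1.0 0.0.0.255
!
line con 0
line vty 0 4
 access-class 12 in
 login
line vty 5 15
 login
!
end
"""

LINE_RE = re.compile(r"^line vty (\d+)(?: (\d+))?\s*$")
ACL_RE = re.compile(r"^\s+access-class (\S+) (in|out)\b")


def vty_access_classes(config):
    """Map each vty line number to {'in': acl, 'out': acl} found in config."""
    lines, current = {}, []
    for raw in config.splitlines():
        m = LINE_RE.match(raw)
        if m:
            first = int(m.group(1))
            last = int(m.group(2) or first)
            current = list(range(first, last + 1))
            for n in current:
                lines[n] = {}
        elif raw[:1].isspace():
            a = ACL_RE.match(raw)
            if a:
                for n in current:  # empty when not inside a vty block
                    lines[n][a.group(2)] = a.group(1)
        else:
            current = []  # any other top-level command ends the line block
    return lines


def audit_vty(config, direction="in"):
    """Return (vty numbers with no access-class, set of distinct ACLs used)."""
    lines = vty_access_classes(config)
    missing = sorted(n for n, acl in lines.items() if direction not in acl)
    acls = {acl[direction] for acl in lines.values() if direction in acl}
    return missing, acls
```

A configuration passes when the first value is empty and the second contains exactly one ACL number.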
