Applying an IP ACL as a Port ACL
4. (Optional) show running-config aclmgr
5. (Optional) copy running-config startup-config
DETAILED STEPS
Command or Action
Step 1
configure terminal
Example:
switch# configure terminal
switch(config)#
Step 2
Enter one of the following commands:
• interface ethernet slot/port[. number]
• interface port-channel channel-number
• interface vlan vlan-id
• interface mgmt port
Example:
switch(config)# interface ethernet 2/3
switch(config-if)#
Step 3
Enter one of the following commands:
• ip access-group access-list {in | out}
• ipv6 traffic-filter access-list {in | out}
Example:
switch(config-if)# ip access-group acl1 in
Step 4
(Optional) show running-config aclmgr
Example:
switch(config-if)# show running-config aclmgr
Step 5
(Optional) copy running-config startup-config
Example:
switch(config-if)# copy running-config
startup-config
Related Topics
Applying an IP ACL as a Port ACL
You can apply an IPv4 or IPv6 ACL to a Layer 2 interface, which can be a physical port or a port channel.
ACLs applied to these interface types are considered port ACLs.
Cisco Nexus 9000 Series NX-OS Security Configuration Guide, Release 9.x
260
Creating an IP
ACL, on page 233
Purpose
Enters global configuration mode.
Enters configuration mode for the interface type that you
specified.
Applies an IPv4 or IPv6 ACL to the Layer 3 interface for
traffic flowing in the direction specified. You can apply one
router ACL per direction.
Displays the ACL configuration.
Copies the running configuration to the startup
configuration.
Configuring IP ACLs