Cisco WS-C6506 Software Manual page 448

Catalyst 6500 series switch

Hide thumbs Also See for WS-C6506:

Manual (110 pages)

Installation manual (336 pages)

Table of Contents

Configuring VACLs

2. permit any 1

3. deny any any 1.A.3.4

4. redirect 4/1 any 3456

5. permit any any

ACL IPXACL1 Status: Not Committed

Console> (enable)

This example shows how to commit the ACEs to NVRAM:

Console> (enable) commit security acl all

ACL commit in progress.

ACL IPXACL1 is committed to hardware.

Console> (enable)

For more information about the commit security acl all command, see the

Enter the show security acl info IPXACL1 command to verify that the changes were committed. If this

VACL has not been mapped to a VLAN, enter the set security acl map command to map it to a VLAN.

Creating a Non-IP Version 4/Non-IPX VACL (MAC VACL) and Adding ACEs

The IP and IPX traffic are not access controlled by the MAC VACLs. All other traffic types (AppleTalk,

DECnet, and so on) are classified as the MAC traffic and the MAC VACLs are used to access control this

To create a new non-IP version 4/non-IPX VACL and add the ACEs, or to add the ACEs to an existing

non-IP version 4/non-IPX VACL, perform this task in privileged mode:

Create a new non-IP

version 4/non-IPX VACL and add the

ACEs, or add the ACEs to an existing

non-IP version 4/non-IPX VACL.

This example shows how to create an ACE for MACACL1 to block all traffic from 8-2-3-4-7-A:

Console> (enable) set security acl mac MACACL1 deny host 8-2-3-4-7-A any

MACACL1 editbuffer modified. Use 'commit' command to apply changes.

Console> (enable)

This example shows how to create an ACE for MACACL1 to block all traffic to A-B-C-D-1-2:

Console> (enable) set security acl mac MACACL1 deny any host A-B-C-D-1-2

MACACL1 editbuffer modified. Use 'commit' command to apply changes.

Console> (enable)

This example shows how to create an ACE for MACACL1 to allow the traffic from all sources:

Console> (enable) set security acl mac MACACL1 permit any any

MACACL1 editbuffer modified. Use 'commit' command to apply changes.

Console> (enable)

Catalyst 6500 Series Switch Software Configuration Guide—Release 8.7

set security acl mac {acl_name} {permit | deny}

{src_mac_addr_spec} {dest_mac_addr_spec} [ethertype]

[capture] [before editbuffer_index | modify

editbuffer_index]

Configuring Access Control

"Committing ACLs" section

Show Quick Links

Table of Contents

Troubleshooting

Catalyst 6506 Catalyst 6509 Catalyst 6513

Cisco WS-C6506 Software Manual page 448

Hide quick links:

Troubleshooting

Related Manuals for Cisco WS-C6506

Related Products for Cisco WS-C6506

This manual is also suitable for:

Table of Contents