ACL setup
| conf t |
| enter into configuration mode |
| access-list 1 permit 192.168.1.0 0.0.0.255 |
| access-list 1 permit 192.168.2.0 0.0.0.255 |
| access-list 1 permit 10.0.0.0 0.0.0.255 |
| Create an access group which permits communication with the specified subnet. Reverse mask need to bee used. |
| int fa0/0 |
| ip access-group 1 in |
| set access group 1 restriction for inbound connections |
| end |
| sh access-lists |
| list access group status and permit matches |
| conf t |
| enter into configuration mode |
| ip access-list standard test |
| enter into IP based access list configuration mode |
| permit 192.168.1.0 0.0.0.255 |
| 15 permit host 8.8.8.8 |
| possible to set id, for example 15 |
| int fa0/1 |
| ip access-group test in |
| setup Name based access group for the selected port |
| exit |
| access-list 100 deny icmp host 192.168.1.2 host 192.168.2.2 |
| access-list 100 permit icmp host 192.168.1.0 0.0.0.255 any |
| int fa0/1 |
| ip access-group 100 in |
Share with:
