Foundry NetIron M2404C and M2404F Metro Access Switches
Configuring ACLs (Rev. 03)
Overview
© 2008 Foundry Networks, Inc
Page 40 of 50
device-name
(config-if
UU/SS/PP
acg
acl-num
)#
set vlan
<
vlan-id
>
device-name
(config-if
UU/SS/PP
acg
acl-num
)#
no
set vlan
<
vlan-id
>
device-name
(config vlan
VLAN-NAME
acg
acl-num
)#
set vlan
<
vlan-id
>
device-name
(config vlan
VLAN-NAME
acg
acl-num
)#
no
set vlan
<
vlan-id
>
Argument Description
vlan-id
Specifies a VLAN ID number, in the range <1-4093>.
Example
The following example shows how to redirect traffic that matches access list 110 on port 1/1/1 to
VLAN ID 300. The
option
keyword
is specified so
the command changes the CLI mode to the
specified Interface ACG Configuration mode.
device-name
(config)#
interface 1/1/1
device-name
(config-if 1/1/1)#
ip access-group 110 option
device-name
(config-if 1/1/1 acg 110)#
set vlan 300
Saving the ACG Options and Terminating the Configuration
The
apply
command, in Interface or VLAN ACG Configuration mode, saves the ACG options and
exits the ACG Configuration mode.
NOTE
The
apply
command has the same effect as the
exit
command or the shortcut key
<Ctrl+D>.
Command Syntax
device-name
(config-if
UU/SS/PP
acg
acl-num
)#
apply
device-name
(config vlan
VLAN-NAME
acg
acl-num
)#
apply
Displaying ACLs and ACGs
Table 15
lists commands used to display the ACLs and ACGs.
Table 15: ACLs and ACGs Display Commands
Command
Description
show ip access-lists
Displays the configured IP ACLs.
show mac access-lists
Displays the configured MAC ACLs.
show ether-type access-
lists
Displays the configured EtherType ACLs.
show ip access-groups
Displays the IP ACGs configured on the interfaces and
VLANs.
show mac access-groups
Displays the MAC ACGs configured on the interfaces and
VLANs.