(For more on these commands, see "Rebooting the Switch" in the basic operation guide for your switch.)
Transferring ACL command files
This section describes how to upload and execute a command file to the switch for configuring or replacing an
ACL in the switch configuration. Such files should contain only access control entry (ACE) commands. For more
on this general topic, including an Example: of an ACL command file created offline, see the section "Editing
ACLs and Creating an ACL Offline" in the "Access Control Lists (ACLs)" of the latest access security guide for
your switch.
TFTP: Uploading an ACL command file from a TFTP server (CLI)
Syntax:
copy tftp command-file <
ip-addr
>
<filename
.txt> {<unix | pc>}
Copies and executes the named text file from the specified TFTP server address and executes the ACL
commands in the file.
<
ip-addr
>
The IP address of a TFTP server available to the switch
<
filename.txt
>
A text file containing ACL commands and stored in the TFTP directory of the server
identified by
ip-addr
{<unix | pc>}
The type of workstation used for serial, Telnet, or SSH access to the switch CLI
Depending on the ACL commands used, this action does one of the following in the
running-config
file:
• Creates a new ACL.
• Replaces an existing ACL. (See "Creating an ACL Offline" in the "Access Control Lists (ACLs)" in the latest
access security guide for your switch.)
• Adds to an existing ACL
Example:
Suppose you:
• Created an ACL command file named
vlan10_in.txt
to update an existing ACL.
• Copied the file to a TFTP server at 18.38.124.16.
Using a PC workstation, you then execute the following from the CLI to upload the file to the switch and
implement the ACL commands it contains:
switch(config)# copy tftp command-file 18.38.124.16
vlan10_in.txt pc
The switch displays this message:
Running configuration may change, do you want to continue
[y/n]?
To continue with the upload, press the
[Y]
key. To abort the upload, press the
[N]
key. Note that if the switch
detects an illegal (non-ACL) command in the file, it bypasses the illegal command, displays a notice (as shown in
362
Aruba 2930F / 2930M Management and Configuration Guide
for ArubaOS-Switch 16.08