Use this command to apply standard or extended access restrictions to inbound or outbound frames on an interface when operating in router mode.
| access-list-number | name | Specifies the number or name of the access list to be applied to the access list. This is either a decimal number from 1 to 199 or a alpha-numeric text name of up to 64 characters. |
| in | Filters inbound frames. |
| out | Filters outbound frames. |
| all-traffic | (Optional) Specifies that the assigned ACL is applied to all traffic on the interface, not just the routed traffic. |
| routed-traffic | (Optional) Specifies that the assigned ACL is applied only to the routed traffic on the interface. (Default) |
If the traffic type is not specified, the ACL is applied only to routed traffic.
Configuration command, Interface configuration.
Standard or extended ACLs must be applied per routing interface. An ACL can either be applied to inbound or outbound frames. An ACL can be applied before it is created. The uncreated applied ACL will have no affect.
By default, an IPv4 ACL is only applied to routed traffic. To apply the IPv4 ACL to all traffic, use the all-traffic option.
Use ip policy-access-list (S-, K-Series) to apply a policy ACL to an interface.
The “no” form of this command removes the specified access list.
This example shows how to apply access list 1 for all inbound frames on VLAN 1. Through the definition of access list 1, only frames with source 192.5.34.0 will be routed. All the frames with other sources received on VLAN 1 are dropped:
System(rw-config)->access-list 1 permit 192.5.34.0 0.0.0.255 System(rw-config)->interface vlan 1 System(rw-config-intf-vlan.0.1)->ip access-group 1 in
Print
this page
Email this topic
Feedback
View PDF
Download EPUB