permit (ex3500-std acl)

Creates a permit rule that allows packets from a specified source or sources. The source can be a single device or a range of devices within a specified network. Use this command to also edit an existing permit rule.

Supported in the following platforms:

  • Wireless Controllers — RFS4000
  • Service Platforms — NX5500, NX7500, NX9500, NX9600, VX9000

Syntax

permit [<SOURCE-NETWORK-IP/MASK>|any|host <SOURCE-HOST-IP>] 
{ex3500-time-range <TIME-RANGE-NAME>}

Parameters

permit [<SOURCE-NETWORK-IP/MASK>|any|host <SOURCE-HOST-IP>] 
{ex3500-time-range <TIME-RANGE-NAME>}
permit [<SOURCE-NETWORK-IP/MASK>| any| host <SOURCE-HOST-IP>] Creates a permit rule that allows packets from a specified source or a network. Use one of the following options to specify the source: any, host, or network.
  • <SOURCE-NETWORK-IP/MASK> – Configures a network as the source. Provide the network‘s IPv4 address along with the mask.
  • host <SOURCE-HOST-IP> – Configures a single device as the source. Provide the host device‘s IPv4 address.
  • any – Specifies that the source can be any device
ex3500-time-range <TIME-RANGE-NAME> Optional. Applies a periodic or absolute time range to this permit rule
  • <TIME-RANGE-NAME> – Specify the time range name (should be existing and configured). The ACL is triggered during the time period configured in the specified EX3500 time range. For information on configuring EX3500 time-range, see ex3500 .

Examples

nx9500-6C8809(config-ip-ex3500-std-acl-test)#permit host 192.168.13.13 ex3500-time-range EX3500_TimeRange_01
nx9500-6C8809(config-ip-ex3500-std-acl-test)#show contextnx9500-6C8809(config-ip-ex3500-std-acl-test)#show context
ip ex3500-std-access-list test
 deny 192.168.14.0/24
 permit host 192.168.13.13 ex3500-time-range EX3500_TimeRange_01
nx9500-6C8809(config-ip-ex3500-std-acl-test)#
nx9500-6C8809(config-ip-ex3500-std-acl-test)#

Related Commands

no (ex3500-std acl) Removes a specified permit access rule from this IPv4 EX3500 standard ACL