Adding or Removing Network-Zone Attributes

To add or remove IP/MAC addresses to or from the network-zone, enter the following command:

configure access-list network-zone zone_name [add | delete] [mac-address macaddress {macmask} | ipaddress [ipaddress {netmask} | ipNetmask | ipv6_address_mask]]

Here is an example:

Switch# configure access-list network-zone zone1 add ipaddress 11.1.1.1/24

If you try to add the same IP/MAC with the same or narrow mask, the configuration is rejected, with the following error message:

Switch# configure access-list network-zone "zone1" add ipaddress 11.1.1.1/32
Error:  Network Zone "zone1" - Zone already has the same entity value with same or wider mask.

If the you try to add more than eight attributes to a network-zone, the following error message is issued:

Switch# configure access-list network-zone "zone1" add ipaddress 11.1.1.1/24
Error:  Network Zone "zone1" - Reached maximum number of attributes. Unable to add more.