Dell Force10 S2410-01-10GE-24P SFTOS Configuration Guide - Page 201
• Attach a specified ACL to the selected interface:
  - ip access-group ACLnumber [1-4294967295] in

  The optional 1-4294967295 variable is an integer that indicates the order of application of this ACL relative to other ACLs assigned to this interface.

Figure 13-160. Using the ip access-group Command

    Force10 (Config)#interface 1/0/21
    Force10 (Interface 1/0/21)#ip access-group 100 1 in

When the ip access-group command is used in Interface Config mode, it attaches a specified ACL to the selected interface. In Global Config mode, the command attaches a specified ACL to all interfaces.

• Display a summary of all created IP Access Control Lists (ACLs), or details about the rules that are defined for a specific ACL:
  - show ip access-lists [ACLnumber]

Figure 13-161. Sample show ip access-lists Command Output

    Force10 #show ip access-lists
    Current number of ACLs: 2  Maximum number of ACLs: 100

    ACL ID  Rules  Interface(s)  Direction
    1       1
    100     1      1/0/21        inbound

    Force10 #show ip access-lists 100
    ACL ID: 100
    Interface: 1/0/21

    Rule Number: 1
    Action                    permit
    Match All                 FALSE
    Protocol                  255(ip)
    Source L4 Port Keyword    80(www/http)
    Assign Queue              2
    Redirect Interface        1/0/40
    Force10 #

Protecting the Management Interface with a Loopback ACL

Added in SFTOS 2.5.1, the loopback interface is a virtual interface in which the software emulates an interface. Basically, the loopback interface is a handle controlling access to the CPU interface. An ACL configured on the loopback interface is applied to all physical interfaces in the system.

1. The interface loopback 0 command creates the interface and invokes its own version of Interface Config mode, called Interface Loopback Config mode, with the prompt (Interface loopback 0)#. Commands that are available from Interface Config mode are also available in Interface Loopback Config mode.

Access Control | 201
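The following is an added example, not part of the Dell Force10 guide: a small audit script that parses the summary form of show ip access-lists (as in Figure 13-161) and reports ACLs that exist but are attached to no interface, and whether a given ACL is bound where expected. The function names, the sample text and the exact column spacing are assumptions made for illustration.

```python
import re

# Constructed sample, modelled on the summary output in Figure 13-161.
# The exact column spacing on a real switch is an assumption.
SAMPLE = """\
Force10 #show ip access-lists
Current number of ACLs: 2  Maximum number of ACLs: 100

ACL ID  Rules  Interface(s)  Direction
1       1
100     1      1/0/21        inbound
"""

# A data row is "<ACL ID> <rule count>", optionally followed by
# "<interface> <direction>" when the ACL is attached somewhere.
ROW = re.compile(r"^\s*(\d+)\s+(\d+)(?:\s+(\S+)\s+(\S+))?\s*$")


def parse_acl_summary(text):
    """Return {acl_id: {"rules": int, "bindings": [(interface, direction)]}}."""
    acls = {}
    for line in text.splitlines():
        m = ROW.match(line)
        if not m:
            continue  # prompt, counters, column header, blank lines
        acl_id, rules, iface, direction = m.groups()
        entry = acls.setdefault(int(acl_id), {"rules": int(rules), "bindings": []})
        if iface:
            entry["bindings"].append((iface, direction))
    return acls


def unattached(acls):
    """ACLs that are defined but filter nothing: no interface references them."""
    return sorted(a for a, e in acls.items() if not e["bindings"])


def is_bound(acls, acl_id, interface, direction="inbound"):
    """True if acl_id is attached to the interface in the given direction."""
    return (interface, direction) in acls.get(acl_id, {}).get("bindings", [])


if __name__ == "__main__":
    acls = parse_acl_summary(SAMPLE)
    print("unattached ACLs:", unattached(acls))
    print("ACL 100 inbound on 1/0/21:", is_bound(acls, 100, "1/0/21"))
```

In the sample, ACL 1 has a rule but no interface, so it is reported as unattached, which is the condition worth catching after a configuration change.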