TP-Link T1500-28TC TL-SL2428 T1500-28TCUN V1 Configuration Guide - Page 400
Switchconfig#access-list extended, Switchconfig#show access-list
View all TP-Link T1500-28TC TL-SL2428 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 400 highlights
Configuring ACL ACL Configurations Step 3 access-list extended acl-id rule rule-id {deny | permit} [ [sip source-ip] smask source-ip-mask] [ [dip destination-ip] dmask destination-ip-mask] [s-port s-port] [d-port d-port] [protocol protocol] Add a rule to the ACL. acl-id: The ID number of the ACL you have created. rule-id: Specify the rule ID, which ranges from 0 to 1999. It should not be the same as any existing Extend-IP ACL IDs deny | permit: Specify the operation to be performed with the packets that match the rule. Deny means to discard; permit means to forward. By default, it is permit. source-ip: Enter the source IP address. source-ip-mask: Enter the mask of the source IP address. This is required if a source IP address is entered. destination-ip: Enter the destination IP address. destination-ip-mask: Enter the mask of the destination IP address. This is required if a destination IP address is entered. s-port: Enter the TCP/UDP source port if TCP/UDP protocol is selected. d-port: Enter the TCP/UDP destination port if TCP/UDP protocol is selected. protocol: Specify a protocol type. Step 4 show access-list [access-list-num] (Optional) View the current ACL configuration. access-list-num: The ID number of the ACL. Step 5 end Return to privileged EXEC mode. Step 6 copy running-config startup-config Save the settings in the configuration file. The following example shows how to create Extend-IP ACL 1700 and configure Rule7 to deny Telnet packets with source IP192.168.2.100: Switch#configure Switch(config)#access-list create 1700 Switch(config)#access-list extended 1700 Rule 7 deny sip 192.168.2.100 smask 255.255.255.255 protocol 6 d-port 23 Switch(config)#show access-list 1700 Extended IP access list 1700 Rule 7 deny sip 192.168.2.100 smask 255.255.255.255 protocol 6 d-port 23 Switch(config)#end Switch#copy running-config startup-config Configuration Guide 379