hit counter script

Classifying Traffic By Using Acls - Cisco Catalyst 2975 Software Configuration Manual

Ios release 12.2(55)se
Hide thumbs Also See for Catalyst 2975:
Table of Contents

Advertisement

Chapter 33
Configuring QoS

Classifying Traffic by Using ACLs

You can classify IP traffic by using IP standard or IP extended ACLs; you can classify non-IP traffic by
using Layer 2 MAC ACLs.
Beginning in privileged EXEC mode, follow these steps to create an IP standard ACL for IP traffic:
Command
Step 1
configure terminal
Step 2
access-list access-list-number {deny |
permit} source [source-wildcard]
Step 3
end
Step 4
show access-lists
Step 5
copy running-config startup-config
To delete an access list, use the no access-list access-list-number global configuration command.
This example shows how to allow access for only those hosts on the three specified networks. The
wildcard bits apply to the host portions of the network addresses. Any host with a source address that
does not match the access list statements is rejected.
Switch(config)# access-list 1 permit 192.5.255.0 0.0.0.255
Switch(config)# access-list 1 permit 128.88.0.0 0.0.255.255
Switch(config)# access-list 1 permit 36.0.0.0 0.0.0.255
! (Note: all other access implicitly denied)
OL-19720-02
Purpose
Enter global configuration mode.
Create an IP standard ACL, repeating the command as many times as
necessary.
For access-list-number, enter the access list number. The range is
1 to 99 and 1300 to 1999.
Use the permit keyword to permit a certain type of traffic if the
conditions are matched. Use the deny keyword to deny a certain
type of traffic if conditions are matched.
For source, enter the network or host from which the packet is
being sent. You can use the any keyword as an abbreviation for
0.0.0.0 255.255.255.255.
(Optional) For source-wildcard, enter the wildcard bits in dotted
decimal notation to be applied to the source. Place ones in the bit
positions that you want to ignore.
When creating an access list, remember that, by default, the end
Note
of the access list contains an implicit deny statement for
everything if it did not find a match before reaching the end.
Return to privileged EXEC mode.
Verify your entries.
(Optional) Save your entries in the configuration file.
Catalyst 2975 Switch Software Configuration Guide
Configuring Standard QoS
33-45

Hide quick links:

Advertisement

Table of Contents
loading

Table of Contents