Loading ...
Loading ...
Loading ...
Configuring ACL Configuration Example for ACL
User Guide 839
11) Click to save the settings.
3.1.4 Using the CLI
1) Create a time range entry .
Switch#config
Switch(config)#time-range Work_time
Switch(config-time-range)#holiday include
Switch(config-time-range)#absolute from 01/01/2018 to 01/01/2019
Switch(config-time-range)#periodic start 08:00 end 18:00 day-of-the-week 1,2,3,4,5
Switch(config-time-range)#end
Switch#copy running-config startup-config
2) Create a MAC ACL.
Switch#configure
Switch(config)#access-list create 100 name Forum_Control
3) Configure rule 5 to permit packets with source MAC address 8C-DC-D4-40-A1-79 and
destination MAC address 40-61-86-FC-71-56.
Switch(config)#access-list mac 100 rule 5 permit logging disable smac
8C:DC:D4:40:A1:79 smask FF: FF: FF: FF: FF: FF dmac 40:61:86:FC:71:56 dmask FF: FF:
FF: FF: FF: FF
4) Configure rule 15 to deny packets with destination MAC address 40-61-86-FC-71-56.
Switch(config)#access-list mac 100 rule 15 deny logging disable dmac
40:61:86:FC:71:56 dmask FF: FF: FF: FF: FF: FF tseg Work_time
5) Configure rule 25 to permit all the packets. The rule makes sure that the traffic to other
network resources will not be blocked by the switch.
Switch(config)#access-list mac 100 rule 25 permit logging disable
6) Bind ACL100 to port 1/0/2.
Switch(config)#access-list bind 100 interface gigabitEthernet 1/0/2
Switch(config)#end
Switch#copy running-config startup-config
Verify the Configurations
Verify the MAC ACL 100:
Switch#show access-list 100
MAC access list 100 name: “Forum_Control”
Loading ...
Loading ...
Loading ...