Step 2 Use the interface con?¬?guration command to select an interface to which to
apply the ACL.
RouterX(config)# iinntteerrffaaccee eetthheerrnneett 11
After you enter the interface command, the command-line interface (CLI)
prompt changes from (con?¬?g)# to (con?¬?g-if)#.
Step 3 Use the ip access-group interface con?¬?guration command to activate the
existing ACL on an interface.
RouterX(config-if)# iipp aacccceessss--ggrroouupp 11 oouutt
To remove an IP ACL from an interface, enter the no ip access-group
access-list-number command on the interface.
This step activates the standard IPv4 ACL 1 on the interface as an outbound
?¬?lter.
Example: Numbered Standard IPv4 ACL??”Permit My Network Only
For the network shown in Figure 6-13, you want to create a list to prevent traf?¬?c that is not part of
the internal networks (172.16.0.0/16) from traveling out either of the Ethernet interfaces.
Figure 6-13 Standard ACL Permitting a Speci?¬?c Network
E1
S0
E0
Non-
172.16.0.0 172.16.4.0
172.16.4.13
172.16.3.0
224 Chapter 6: Managing Traffic with Access Control Lists
The con?¬?guration in Example 6-2 provides a solution for this example.
Table 6-2 describes the command syntax that is presented in Example 6-2.
Pages:
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342