Use the access-list global con?¬?guration
command.
RouterX(config)# aacccceessss--lliisstt 110011 ddeennyy ttccpp 117722..1166..44..00 00..00..00..225555 117722..166..33..00
00..00..00..225555 eeqq 2211
Use the show access-lists command to display the contents of the ACL. In
the example, access-list 101 denies TCP traf?¬?c from source 172.16.4.0,
using the wildcard 0.0.0.255, to destination 172.16.3.0, using the wildcard
0.0.0.255 on port 21 (FTP control port) .
Step 2 Select a desired interface to be con?¬?gured. Use the interface global
con?¬?guration command.
RouterX(config)# iinntteerrffaaccee eetthheerrnneett 00..
After the interface command is entered, the CLI prompt changes from
(con?¬?g)# to (con?¬?g-if)#.
Example 6-6 Access List Permitting Responses to an Originating Mail Host
access-list 102 permit tcp any host 128.88.1.2 established
access-list 102 permit tcp any host 128.88.1.2 eq smtp
interface serial 0
ip access-group 102 in
Table 6-7 ip access-group Command Parameters
ip access-group
Command
Parameters Description
access-list-number Indicates the number of the ACL that is to be linked to an interface
in | out Selects whether the ACL is applied as an input or output ?¬?lter; out is the
default
Con?¬?guring ACLs 231
Step 3 Link the extended IPv4 ACL to an interface.
Pages:
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352