
Cisco IE 2000 Switch Software Configuration Guide
OL-25866-01
Chapter 37 Configuring Network Security with ACLs
How to Configure Network Security with ACLs
Applying an IPv4 ACL to a Terminal Line
This task restricts incoming and outgoing connections between a virtual terminal line and the addresses in an ACL:

Step 1
  Command: configure terminal
  Purpose: Enters global configuration mode.
Step 2
  Command: line [console | vty] line-number
  Purpose: Identifies a specific line to configure, and enters in-line configuration mode.
    • console—Specifies the console terminal line. The console port is DCE.
    • vty—Specifies a virtual terminal for remote console access.
    The line-number is the first line number in a contiguous group that you want to configure when the line type is specified. The range is from 0 to 16.
Step 3
  Command: access-class access-list-number {in | out}
  Purpose: Restricts incoming and outgoing connections between a particular virtual terminal line (into a device) and the addresses in an access list.
Step 4
  Command: end
  Purpose: Returns to privileged EXEC mode.

Applying an IPv4 ACL to an Interface

Step 1
  Command: configure terminal
  Purpose: Enters global configuration mode.
Step 2
  Command: interface interface-id
  Purpose: Identifies a specific interface for configuration, and enters interface configuration mode.
    The interface is a Layer 2 interface (port ACL).
Step 3
  Command: ip access-group {access-list-number | name} {in | out}
  Purpose: Controls access to the specified interface.
    The out keyword is not supported for Layer 2 interfaces (port ACLs).
Step 4
  Command: end
  Purpose: Returns to privileged EXEC mode.

Creating Named MAC Extended ACLs

Step 1
  Command: configure terminal
  Purpose: Enters global configuration mode.
Step 2
  Command: mac access-list extended name
  Purpose: Defines an extended MAC access list using a name.
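
An added example, not from the Cisco guide: a Python check over a saved running-config that covers the two IPv4 attachment points in the procedures above, flagging vty lines with no inbound access-class and ip access-group ... out applied to a Layer 2 port. The sample configuration is constructed, and treating any non-Vlan interface without no switchport as a Layer 2 port is an assumption.

```python
import re
# Constructed running-config excerpt; ACL numbers and names are illustrative.
SAMPLE_CONFIG = """\
interface FastEthernet1/1
 ip access-group 101 in
!
interface FastEthernet1/2
 ip access-group 101 out
!
interface Vlan10
 ip access-group 101 out
!
line con 0
line vty 0 4
 access-class 10 in
line vty 5 15
 transport input ssh
"""

def blocks(config):
    """Yield (header, [sub-commands]) for each top-level config block."""
    header, body = None, []
    for line in config.splitlines():
        if not line.strip() or line.startswith("!"):
            continue
        if line[0] != " ":  # an unindented line starts a new block
            if header:
                yield header, body
            header, body = line.strip(), []
        elif header:
            body.append(line.strip())
    if header:
        yield header, body

def audit(config):
    """Flag vty lines with no inbound ACL and 'out' ACLs on Layer 2 ports."""
    findings = []
    for header, body in blocks(config):
        # Assumption: non-Vlan interface without 'no switchport' = Layer 2 port.
        l2_port = (header.startswith("interface ")
                   and not header.startswith("interface Vlan")
                   and "no switchport" not in body)
        if header.startswith("line vty") and not any(
                re.match(r"access-class \S+ in\b", c) for c in body):
            findings.append(f"{header}: no inbound access-class")
        for c in body if l2_port else []:
            if re.match(r"ip access-group \S+ out\b", c):
                findings.append(f"{header}: '{c}' on a Layer 2 port")
    return findings
```

Calling audit(SAMPLE_CONFIG) returns one finding for FastEthernet1/2 and one for line vty 5 15; the Vlan10 interface and the console line are left alone.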