Manualshelf

Specifications

ManualsBrandsCisco ManualsConsumer electronicsSCE8000
51525354555657585960
2-17
Cisco SCE 8000 CLI Command Reference
Chapter 2 CLI Command Reference
access-list
Authorization: admin
Examples The following example adds entries to the bottom of access-list 1. The first entry permits access to
10.1.1.0 to 10.1.1.255. The second entry denies access to any address. Together, this list allows access
only to addresses 10.1.1.*.
SCE8000>enable 10
Password:<cisco>
SCE8000#config
SCE8000(config)#access-list 1 permit 10.1.1.0 0.0.0.255
SCE8000(config)#access-list 1 deny any
SCE8000(config)#
The following example defines access-list 2, a list that denies access to all IP addresses in the range
10.1.2.0 to 10.1.2.255, permits access to all other addresses in the range 10.1.0.0 to 10.1.15.255, and
denies access to all other IP addresses. Note that, because the first range is contained within the second
range, the order of entries is important. If they had been entered in the opposite order, the deny entry
would not have any effect.
SCE8000>enable 10
Password:<cisco>
SCE8000#config
SCE (config)#access-list 2 deny 10.1.2.0 0.0.0.255
SCE (config)#access-list 2 permit 10.1.0.0 0.0.15.255
SCE8000(config)#
Related Commands
any All IP addresses are matched by this entry. This value is equivalent to specifying the
address 0.0.0.0 255.255.255.255.
address IP address or range of IP addresses, matched by this entry. This value can be one address
in the format x.x.x.x or a range of addresses in the format x.x.x.x y.y.y.y, where x.x.x.x
specifies the prefix bits common to all IP addresses in the range, and y.y.y.y is a mask
that specifies the bits that are ignored. In this notation, 1 means bits to ignore.
For example, the address 0.0.0.0 255.255.255.255 means any IP address. The address
10.0.0.0 0.1.255.255 means IP addresses from 10.0.0.0 to 10.1.255.255. The address
1.2.3.4 0.0.0.255 means IP addresses from 1.2.3.0 to 1.2.3.255 (a more natural way of
expressing the same range is 1.2.3.0 0.0.0.255).
Table 2-2 Valid Permission Values (continued)
Command Description
ip access-class Specifies which access control list (ACL) controls global access to the Cisco
SCE platform.
show access-lists Displays all access lists or a specific access list.