Reference Guide
Access Control Lists (ACL) | 175
Parameters
Command Modes
EXEC Privilege
Command
History
ip access-group
c e s z
Assign an IP access list (IP ACL) to an interface.
Syntax
ip access-group access-list-name {in | out} [implicit-permit] [vlan vlan-id]
To delete an IP access-group configuration, use the no ip access-group access-list-name {in |
out} [implicit-permit] [vlan vlan-id] command.
Parameters
Defaults
Not enabled.
Command Modes
INTERFACE
Command
History
access-list-name
(OPTIONAL) Enter the name of a configured access-list, up to 140 characters.
Version 8.3.11.1 Introduced on the Z9000.
Version 8.1.1.0 Introduced on E-Series ExaScale
Version 7.8.1.0 Increased name string to accept up to 140 characters. Prior to 7.8.1.0, names are up
to 16 characters long.
Version 7.6.1.0 Support added for S-Series
Version 7.5.1.0 Support added for C-Series
pre-Version 6.2.1.1 Introduced
access-list-name
Enter the name of a configured access list, up to 140 characters.
in Enter the keyword in to apply the ACL to incoming traffic.
out Enter the keyword out to apply the ACL to outgoing traffic.
Note: Available only on 12-port 1-Gigabit Ethernet FLEX line card. Refer to your
line card documentation for specifications. Not available on S-Series.
implicit-permit (OPTIONAL) Enter the keyword implicit-permit to change the default action
of the ACL from implicit-deny to implicit-permit (that is, if the traffic does not
match the filters in the ACL, the traffic is permitted instead of dropped).
vlan vlan-id (OPTIONAL) Enter the keyword vlan followed by the ID numbers of the
VLANs.
Range: 1 to 4094, 1-2094 for ExaScale (can used IDs 1-4094)
Version 8.3.11.1 Introduced on the Z9000.
Version 8.1.1.0 Introduced on E-Series ExaScale
Version 7.8.1.0 Increased name string to accept up to 140 characters. Prior to 7.8.1.0, names are up
to 16 characters long.
Version 7.6.1.0 Support added for S-Series
Version 7.5.1.0 Support added for C-Series
pre-Version 6.2.1.1 Introduced