Manualshelf

CLI Guide

ManualsBrandsDell ManualsAccess PlatformsPowerSwitch N1500 Series
1041104210431044104510461047104810491050
Security Commands 1043
Different authentication sessions, as in the case of the data and voice VLAN
authenticating independently, may both have Dynamic ACLs. It is
recommended that the DACLs be carefully designed so that they work in
harmony, such as, at a minimum, no ACL numbers are duplicated across the
DACLs. DACLs are applied at the port level and are capable of affecting any
traffic ingressing the port.
Predefined ACL Examples
ip:inacl=Named_ACL
ipv6:inacl=Named_IPv6_ACL
Dynamic ACL Definition
This method uses ACL syntax to create a new ingress ACL on the switch:
ip:inacl[#number]={extended-access-control-list}
ipv6:inacl[#number]={ extended-access-control-list}
The ip token indicates an IPv4 ACL definition follows the equals sign.
The ipv6 token indicates an IPv6 ACL definition follows the equals sign.
#number is the ACL sequence number in decimal format. Range 1–
2147483647.
The tokens ip:inacl and ipv6:inacl are in lower case and are followed by an
equals sign with no intervening white space.
extended-access-control-list means an extended IPv4/IPv6 Extended ACL
CLI rule definition beginning with the {permit|deny} tokens followed by
the protocol {every | eigrp | gre | icmp | igmp | ip | ipinip | ospf | pim |
tcp | udp | 0-55} for IPv4 and { every icmpv6| ipv6 | sctp | tcp | udp} for
IPv6.
Dynamic ACL Example (Extended syntax, that is, ip access-list extended ...)
ip:inacl#100=permit ip any 209.165.0.0 0.0.255.255
ip:inacl#110=permit ip any 209.166.0.0 0.0.255.255
ip:inacl#120=permit ip any 209.167.0.0 0.0.255.255
Multiple ip:inacl /ipv6:inacl av-pairs may be present in the RADIUS message.
However, only the first definition will be applied for the authentication
session. Different sessions, as in the case of the data and voice VLAN
authenticating independently, may both have Dynamic ACLs. It is
recommended that the DACLs be carefully designed so that they work in
harmony, such as, at a minimum, no ACL numbers are duplicated across the
DACLs. DACLs are applied at the port level and are capable of affecting any