Product guide

Access Control Lists (ACLs) for the Series 5300xl Switches
Contents
Extended ACL Configuration Structure
ACL Configuration Factors
The Sequence of Entries in an ACL Is Significant
In Any ACL, There Will Always Be a Match
A Configured ACL Has No Effect Until You Apply It to an Interface
You Can Assign an ACL Name or Number to a VLAN Even if the ACL Does Not Yet Exist in the Switch’s Configuration
Using the CLI To Create an ACL
General ACE Rules
Using CIDR Notation To Enter the ACL Mask
Configuring and Assigning a Numbered, Standard ACL
Configuring and Assigning a Numbered, Extended ACL
Configuring a Named ACL
Enabling or Disabling ACL Filtering on a VLAN
Deleting an ACL from the Switch
Displaying ACL Data
Display an ACL Summary
Display the Content of All ACLs on the Switch
Display the ACL Assignments for a VLAN
Displaying the Content of a Specific ACL
Display All ACLs and Their Assignments in the Switch Startup-Config File and Running-Config File
Editing ACLs and Creating an ACL Offline
Using the CLI To Edit ACLs
General Editing Rules
Deleting Any ACE from an ACL
Working Offline To Create or Edit an ACL
Creating an ACL Offline
Enable ACL “Deny” Logging
Requirements for Using ACL Logging
ACL Logging Operation
Enabling ACL Logging on the Switch
Operating Notes for ACL Logging
General ACL Operating Notes