Specifications
ip access-list extended
287
ip access-list extended
Configures an access list to serve as an IPv4 filter. There are two types of access lists that
operate as IPv4 filters. One type is an IPv4 address filter and the other type is an IPv4
packet filter.
This command sets an IPv4 packet filter.
An IPv4 packet filter filters based on source IPv4 address, destination IPv4 address, VLAN
ID, user priority, TOS field value, port number, and TCP flag.
Multiple filter conditions can be set by using a single access list ID. For Ethernet and VLAN
interfaces, a maximum of 127 filter conditions can be set. For a Switch, a maximum of 512
access lists (for IPv4 and MAC) can be created. A maximum of 1024 filter condition entries
can be created.
Syntax
To set or change information:
ip access-list extended <ACL ID>
To delete information:
no ip access-list extended <ACL ID>
Input mode
(config)
Parameters
<ACL ID>
Specifies the identifier of the IPv4 packet filter that is to be set.
The Switch enters config-ext-nacl mode.
1. Default value when this parameter is omitted:
This parameter cannot be omitted.
2. Range of values:
Specify an access list name that is 3 to 31 characters. For details about the
characters that can be specified, see Specifiable values for parameters.
Default behavior
None
Impact on communication
None
When the change is applied
The change is applied immediately after setting values are changed.
Notes
You cannot specify IPv4 address filter names and MAC access list names that have
already been created.
Related commands
ip access-group