Manualshelf

Specifications

ManualsBrandsCisco ManualsComputer equipmentEngine 611
491492493494495496497498499500
3-449
Cisco Wide Area Application Services Command Reference
OL-11817-01
Chapter 3 CLI Commands
Extended ACL Configuration Mode Commands
To create and modify extended access lists on a WAAS device for controlling access to interfaces or
applications, use the ip access-list extended global configuration command. To disable an extended
access list, use the no form of the command.
ip access-list extended {acl-name | acl-num}
Syntax Description
Defaults An access list drops all packets unless you configure at least one permit entry.
Command Modes Global configuration
Device Modes application-accelerator
central-manager
Usage Guidelines Use access lists to control access to specific applications or interfaces on a WAAS device. An access
control list consists of one or more condition entries that specify the kind of packets that the WAAS
device will drop or accept for further processing. The WAAS device applies each entry in the order in
which it occurs in the access list, which by default is the order in which you configured the entry.
The following list contains examples of how ACLs can be used in environments that use WAAS devices:
A WAAS device resides on the customer premises and is managed by a service provider, and the
service provider wants to secure the device for its management only.
A WAAS device is deployed anywhere within the enterprise. As with routers and switches, the
administrator wants to limit Telnet, SSH, and WAAS GUI access to the IT source subnets.
extended Enables extended ACL configuration mode. The CLI enters the extended
ACL configuration mode in which all subsequent commands apply to the
current extended access list. The (config-ext-nacl) prompt appears:
WAE(config-ext-nacl)#
acl-name Access list to which all commands entered from ACL configuration mode
apply, using an alphanumeric string of up to 30 characters, beginning with
a letter.
acl-num Access list to which all commands entered from access list configuration
mode apply, using a numeric identifier. For extended access lists, the valid
range is 100 to 199.