CLI Guide
ip access-group
Apply an egress IP ACL to an interface.
Syntax
ip access-group access-list-name {in | out} [implicit-permit]
[vlan vlan-id]
Parameters
access-list-name Enter the name of a configured access list, up to 140
characters.
in Enter the keyword in to apply the ACL to incoming traffic.
out Enter the keyword out to apply the ACL to the outgoing
traffic.
implicit-permit (OPTIONAL) Enter the keyword implicit-permit to
change the default action of the ACL from implicit-deny to
implicit-permit (that is, if the traffic does not match the
filters in the ACL, the traffic is permitted instead of dropped).
vlan vlan-id (OPTIONAL) Enter the keyword vlan then the ID numbers
of the VLANs.
Defaults Not enabled..
Command Modes INTERFACE
Supported Modes Full–Switch
Command History
Version Description
9.9(0.0) Introduced on the FN IOM.
8.3.16.1 Introduced on the MXL 10/40GbE Switch IO Module
platform.
Usage Information You can assign one ACL (standard or extended ACL) to an interface..
NOTE: This command is not supported on the FN IOMSwitch Loopback
interfaces.
NOTE: If outbound(egress) IP ACL is applied on switch port, filter will be
applied only for routed traffic egressing out of that port.
Related
Commands
ip access-list standard — configures a standard ACL.
ip access-list extended — configures an extended ACL.
170
Access Control Lists (ACL)