Reference Guide
Access Control Lists (ACL) | 209
ip access-group
c e s
Assign an IP access list (IP ACL) to an interface.
Syntax
ip access-group access-list-name {in | out} [implicit-permit] [vlan vlan-id]
Parameters
Defaults
Not enabled.
Command Modes
INTERFACE
Command
History
Usage
Information
You can assign one ACL (standard or extended ACL) to an interface.
When you apply an ACL that filters IGMP traffic, all IGMP traffic is redirected to the CPUs and
soft-forwarded, if required, in the following scenarios:
• on a Layer 2 interface - if a Layer 3 ACL is applied to the interface.
• on a Layer 3 port or on a Layer 2/Layer 3 port
Related
Commands
access-list-name
Enter the name of a configured access list, up to 140 characters.
in Enter the keyword in to apply the ACL to incoming traffic.
out Enter the keyword out to apply the ACL to outgoing traffic.
Note: Available only on 12-port 1-Gigabit Ethernet FLEX line card. Refer to your
line card documentation for specifications. Not available on S-Series.
implicit-permit (OPTIONAL) Enter the keyword implicit-permit to change the default action
of the ACL from implicit-deny to implicit-permit (that is, if the traffic does not
match the filters in the ACL, the traffic is permitted instead of dropped).
vlan vlan-id (OPTIONAL) Enter the keyword vlan followed by the ID numbers of the
VLANs.
Range: 1 to 4094, 1-2094 for ExaScale (can used IDs 1-4094)
Version 8.1.1.0 Introduced on E-Series ExaScale
Version 7.8.1.0 Increased name string to accept up to 140 characters. Prior to 7.8.1.0, names are up
to 16 characters long.
Version 7.6.1.0 Support added for S-Series
Version 7.5.1.0 Support added for C-Series
pre-Version 6.2.1.1 Introduced
Note: This command is supported on the loopback interfaces of EE3, and EF series RPMs. It
is not supported on loopback interfaces ED series RPM, or on C-Series or S-Series loopback
interfaces.
ip access-list standard Configure a standard ACL.
ip access-list extended Configure an extended ACL.