Reference Guide
232 Network Security
Configuring MAC-Based ACLs Using CLI Commands
The following table summarizes the CLI commands for configuring
MAC-based ACLs.
The following is an example of some of the CLI commands:
MAC-Based ACEs
To add rules to an ACL:
1
Click
Switching
>
Network Security
>
MAC Based ACE
to display the
MAC Based ACE: Summary
page.
The currently-defined rules for the selected ACL are displayed.
2
To add a rule click
Add ACE
.
3
Select the ACL for which a rule is being created.
4
Enter the fields:
–
New Rule Priority
— Enter the priority of the ACE. ACEs with higher
priority are processed first. One is the highest priority
–
Source MAC Address
— Match the source MAC address from which
packets have arrived to this source address. In addition to the Source
MAC address, you can enter a
Wildcard Mask
that specifies which
bits in the source address are used for matching and which bits are
Table 9-2. MAC Based ACL CLI Commands
CLI Command Description
mac access-list extended acl-
name
no mac access-list extended acl-
name
Defines an ACL and places the device
in MAC-extended ACL configuration
mode.
Use the no form of this command to
remove the ACL.
show interfaces access-lists
[interface-id]
Displays access lists applied on
interfaces.
console# show access-lists
Extended IP access list ACL1
permit 234 172.30.40.1 0.0.0.0 any
permit 234 172.30.8.8 0.0.0.0 any