14-14 Security ACL Commands
set security acl map
Assigns a committed security ACL to a VLAN, physical port or ports, virtual port, or Distributed AP on the RoamAbout Switch.
Syntax
set security acl map acl-name {vlan vlan-id | port port-list [tag tag-list] | dap dap-num} {in | out}
Parameters
acl-name        Name of an existing security ACL to map. ACL names start with a
                letter and are case-insensitive.
vlan vlan-id    VLAN name or number. MSS assigns the security ACL to the
                specified VLAN.
port port-list  Port list. MSS assigns the security ACL to the specified
                physical RoamAbout Switch port or ports.
tag tag-list    One or more values that identify a virtual port in a VLAN.
                Specify a single tag value from 1 through 4095. Or specify a
                comma-separated list of values, a hyphen-separated range, or
                any combination, with no spaces. MSS assigns the security ACL
                to the specified virtual port or ports.
dap dap-num     One or more Distributed APs, based on their connection IDs.
                Specify a single connection ID, or specify a comma-separated
                list of connection IDs, a hyphen-separated range, or any
                combination, with no spaces. MSS assigns the security ACL to
                the specified Distributed APs.
in              Assigns the security ACL to traffic coming into the RoamAbout
                Switch.
out             Assigns the security ACL to traffic coming from the RoamAbout
                Switch.
Defaults
None.
Mode
Enabled.
Usage
Before you can map a security ACL, you must use the commit security acl command to save the ACL in the running configuration and nonvolatile storage.
For best results, map only one input security ACL and one output security ACL to each VLAN, physical port, virtual port, or Distributed AP to filter a flow of packets. If more than one security ACL filters the same traffic, MSS applies only the first ACL match and ignores any other matches.
Note: To assign a security ACL to a user or group in the local RoamAbout Switch database, use the command set user attr, set mac-user attr, set usergroup attr, or set mac-usergroup attr with the Filter-Id attribute. To assign a security ACL to a user or group with Filter-Id on a RADIUS server, see the documentation for your RADIUS server.
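
An offline lint for the list syntax and the one-ACL-per-target-and-direction advice on this page, as an added example (not part of the manual and not Enterasys code). It expands comma and hyphen lists, enforces the 1 through 4095 tag range, and reports every VLAN, port, virtual port or Distributed AP that has more than one ACL mapped in the same direction. Assumptions: the function names are hypothetical, port lists are taken to use the same comma and hyphen syntax as tag lists, and only identical targets are compared.

```python
import re
from collections import defaultdict

# Constructed sample configuration lines (not taken from the manual).
SAMPLE = [
    "set security acl map acl-guest vlan blue in",
    "set security acl map ACL-Guest vlan blue in",
    "set security acl map acl-voice port 2 tag 10-12 in",
    "set security acl map acl-data port 2 tag 12,20 in",
]
MAP_RE = re.compile(
    r"^set security acl map (?P<acl>\S+) "
    r"(?:vlan (?P<vlan>\S+)|port (?P<port>\S+)(?: tag (?P<tag>\S+))?|dap (?P<dap>\S+)) "
    r"(?P<dir>in|out)$", re.IGNORECASE)

def expand_list(spec, lo=1, hi=None):
    """Expand '1,3-5' to [1, 3, 4, 5]; reject spaces, junk and bad ranges."""
    values = set()
    for part in spec.split(","):
        m = re.fullmatch(r"(\d+)(?:-(\d+))?", part)
        if not m:
            raise ValueError(f"bad list element {part!r} in {spec!r}")
        first, last = int(m.group(1)), int(m.group(2) or m.group(1))
        if first > last or first < lo or (hi is not None and last > hi):
            raise ValueError(f"bad range {part!r} (allowed {lo}..{hi or 'any'})")
        values.update(range(first, last + 1))
    return sorted(values)

def targets(m):
    """Yield one hashable key per VLAN, port, virtual port or Distributed AP."""
    if m["vlan"]:
        yield ("vlan", m["vlan"])
    elif m["dap"]:
        yield from (("dap", d) for d in expand_list(m["dap"]))
    else:
        tags = expand_list(m["tag"], hi=4095) if m["tag"] else [None]
        for p in expand_list(m["port"]):  # port-list syntax is an assumption
            for t in tags:
                yield ("port", p, t)

def find_conflicts(config_lines):
    """Return {(target, direction): [acl, ...]} where more than one ACL is mapped."""
    seen = defaultdict(set)
    for line in config_lines:
        m = MAP_RE.match(line.strip())
        for key in (targets(m) if m else ()):
            # ACL names are case-insensitive, so compare them lowercased.
            seen[(key, m["dir"].lower())].add(m["acl"].lower())
    return {k: sorted(v) for k, v in seen.items() if len(v) > 1}
```

On the constructed sample, the only conflict is virtual port 2 tag 12 in the input direction, where both acl-voice and acl-data are mapped; the repeated acl-guest mapping differs only in case and is not reported.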