Specifications

ManualsBrandsEnterasys ManualsComputer equipmentRoamAbout RBT-8100

311

312

313

314

315

316

317

318

319

320

Modifying a Security ACL

15-16 Configuring and Managing Security ACLs

TodeleteasecurityACLfromauser’sconfigurationonaRADIUSserver,seethedocumentation

foryourRADIUSserver.

IfyounolongerneedthesecurityACL,deleteitfromtheconfigurationwiththeclearsecurityacl

andcommitsecurityaclcommands.(See“ClearingSecurityACLs”onpage 15‐12.)

Modifying a Security ACL

YoucanmodifyasecurityACLinthe followingways:

•AddanotherACEtoasecurityACL,attheendoftheACElist.(See“AddingAnotherACEto

aSecurityACL”onpage 15‐16.)

•PlaceanACEbeforeanotherACE,soitisprocessedbeforesubsequentACEs,usingthe

before

editbuffer‐indexportionofthesetsecurityaclcommands.(See“PlacingOneACE

beforeAnother”onpage 15‐17.)

•ModifyanexistingACEusingthemodifyeditbuffer‐indexportionofthesetsecurityacl

commands.(See“ModifyinganExistingSecurityACL”onpage 15 ‐18.)

•Usetherollbackcommandsetto

clearchangesmadetothesecurity ACLeditbuffersincethe

lasttimeitwassaved.TheACLisrolledbacktoitsstateatthelastcommitcommand.

(See“ClearingSecurityACLsfromtheEditBuffer”onpage 15‐19.)

•Usetheclearsecurityaclmapcommandtostopthe

filteringactionofanACLonaVLAN,or

virtualport.(See“ClearingaSecurityACLMap”onpage 15‐15.)

•UseclearsecurityaclpluscommitsecurityacltocompletelydeletetheACLfromthe

RoamAboutswitch’sconfiguration.(See“ClearingSecurityACLs”onpage 15‐12.)

Adding Another ACE to a Security ACL

ThesimplestwaytomodifyasecurityACListoaddanotherACE.

Example

Forexample,supposeyouwantedtomodifyanexistingACLnamedacl‐violet.Followthesesteps:

1. TodisplayallcommittedsecurityACLs,typethefollowingcommand:

RBT-8100# show security acl info

ACL information for all

set security acl ip acl-violet (hits #2 0)

----------------------------------------------------

1. permit IP source IP 192.168.253.1 0.0.0.255 destination IP any enable-

hits

2. ToaddanotherACEtotheendofacl‐violet,typethefollowingcommand:

RBT-8100# set security acl ip acl-violet permit 192.168.123.11 0.0.0.255 hits

3. TocommittheupdatedsecurityACLacl‐violet,typethefollowingcommand:

RBT-8100# commit security acl acl-violet

success: change accepted.

4. Todisplaytheupdatedacl‐violet,typethefollowingcommand:

RBT-8100# show security acl info