User Manual
400
Users Manual of XGS-6350-24X4C
terminates the match regulations. The order of the conditions is, therefore, important. If no regulations match,
the address is declined.
Use the access list by following the following steps:
(1) Create the access list by designating the access list name and conditions.
(2) Apply the access list to the interface.
43.4.2.2 Creating Standard and Extensible IP Access List
Use a character string to create an IP access list.
The standard access list and the extensible access list cannot have the same
name.
Run the following command in global configuration mode to create a standard access list:
Run… To…
ip access-list standardname
Use a name to define a standard
access list.
deny {source [source-mask] |
any}[log] or permit {source
[source-mask] | any}[log]
Designate one or multiple
permit/deny conditions in standard
access list configuration mode. The
previous setting decides whether the
packet is approved or disapproved.
Exit Log out from the access list
configuration mode.
Run the following command in global configuration mode to create an extensible access list.
Run… To…
ip access-list extended name
Use a name to define an extensible IP
access list.
{deny | permit}
protocolsourcesource-maskdestinatio
n destination-mask
[precedenceprecedence] [tostos]
[established] [log]{deny | permit}
protocolany any
Designate one or multiple
permit/deny conditions in extensible
access list configuration mode. The
previous setting decides whether the
packet is approved or disapproved.
precedence means the priority of the
IP packet; TOS means Type of
Service.
Exit Log out from the access list
configuration mode.
After the access list is originally created, any part that is added later can be put at the end of the list. That is to