It sort of stumped me at first when I started doing ACLs on the Nexus. After all, in the Catalyst line (as well as Brocade and everything else I worked on), I was used to doing ACLs a certain way. I prefer doing the whole line at a time, like this:
ip access-list 107 deny ip 192.168.0.0 0.0.255.255 4.4.4.0 0.0.0.255
However, the Nexus doesn't let you work this way. While the Catalyst and Cisco routers do allow the kind of config that the Nexus requires, I just wasn't used to doing it that way. But sometimes you have to learn new things. Here is how you create an ACL on the Nexus. The example below was done on a 7K.
Notice that I start off (in config mode) with "ip access-list 107". After hitting Enter, I enter my deny/permit statements.
ip access-list 107
deny ip 192.168.0.0 0.0.255.255 4.4.4.0 0.0.0.255
deny ip 192.168.0.0 0.0.255.255 5.0.0.0 0.255.255.255
deny ip 192.168.0.0 0.0.255.255 33.33.0.0 0.0.255.255
deny ip 192.168.0.0 0.0.255.255 66.66.0.0 0.0.255.255
permit tcp 192.168.0.0 0.0.255.255 any
permit ip 192.168.0.0 0.0.255.255 any
deny ip any any
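When existing one-line entries have to be moved to the Nexus block form, the regrouping can be scripted and the result checked against sample packets. The following Python is an added example, not part of the original post: the function names are hypothetical, the sample input is constructed from the entries above, and the matcher handles only `any` and address-plus-wildcard entries without ports.

```python
import ipaddress
import re
# Accepts "access-list N <entry>" and the "ip access-list N <entry>" form shown above.
ONE_LINE = re.compile(r"^(?:ip\s+)?access-list\s+(\S+)\s+((?:permit|deny)\s.+)$")
# Constructed sample: the page's ACL 107 entries written one per line.
SAMPLE = [f"ip access-list 107 {e}" for e in (
    "deny ip 192.168.0.0 0.0.255.255 4.4.4.0 0.0.0.255",
    "deny ip 192.168.0.0 0.0.255.255 5.0.0.0 0.255.255.255",
    "deny ip 192.168.0.0 0.0.255.255 33.33.0.0 0.0.255.255",
    "deny ip 192.168.0.0 0.0.255.255 66.66.0.0 0.0.255.255",
    "permit tcp 192.168.0.0 0.0.255.255 any",
    "permit ip 192.168.0.0 0.0.255.255 any",
    "deny ip any any",
)]

def to_nexus(lines):
    """Group entries by ACL name; order is kept because the first match wins."""
    acls = {}
    for raw in lines:
        m = ONE_LINE.match(" ".join(raw.split()))
        if m is None:
            raise ValueError(f"not a one-line ACL entry: {raw!r}")
        acls.setdefault(m.group(1), []).append(m.group(2))
    return acls

def render(acls):
    return "\n".join("\n".join([f"ip access-list {n}"] + [f"  {e}" for e in es])
                     for n, es in acls.items())

def _spec(tokens):
    """Consume 'any' or 'address wildcard'; return (address, wildcard) as ints."""
    if tokens[0] == "any":
        del tokens[0]
        return 0, 0xFFFFFFFF
    pair = tuple(int(ipaddress.IPv4Address(t)) for t in tokens[:2])
    del tokens[:2]
    return pair

def _hit(ip, spec):
    # Wildcard bits set to 1 are "don't care"; all other bits must be equal.
    return (int(ipaddress.IPv4Address(ip)) ^ spec[0]) & ~spec[1] & 0xFFFFFFFF == 0

def first_match(entries, proto, src, dst):
    """Return the first entry that matches the packet (address-only entries)."""
    for entry in entries:
        _, eproto, *rest = entry.split()
        s, d = _spec(rest), _spec(rest)
        if eproto in ("ip", proto) and _hit(src, s) and _hit(dst, d):
            return entry
    return "implicit deny"
```

`render(to_nexus(SAMPLE))` produces the block shown above, and `first_match` shows which entry decides a given packet before the ACL is applied to an interface.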