Tuesday, June 16, 2015

Cisco Nexus: How To Create An ACL On A Nexus 7K

It sort of stumped me at first when I started doing ACLs on the Nexus.  After all, I was used to doing ACLs a certain way in the Catalyst line (as well as on Brocade and everything else I worked on).  I prefer doing the whole line at a time.  Like this:
ip access-list  107 deny  ip

However, the Nexus doesn't let you work this way.  While the Catalyst and Cisco routers do allow the kind of config that the Nexus requires, I just wasn't used to doing it that way.  But sometimes you have to learn new things.  Here is how you create an ACL on the Nexus.  The example below was on a 7K.

Notice that I start off (in config mode) with "ip access-list 107".  After hitting Enter, I then enter my deny/permit statements.

ip access-list  107 
 deny   ip
 deny   ip
 deny   ip
 deny   ip
 permit tcp any
 permit ip any
 deny   ip any any
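For anyone carrying a pile of one-line entries over to a Nexus, here is a small converter that regroups them into the nested form shown above. It is an added example, not part of the original post: the function names are hypothetical, the sample addresses are constructed from documentation ranges, and it assumes the one-line entries look like "[ip] access-list <name> <permit|deny> ..." and that the Nexus accepts address/prefix-length notation in place of a contiguous wildcard mask.

```python
import ipaddress
import re

# One-line entry: optional leading "ip", the ACL name, then the rule itself.
ONE_LINE = re.compile(r"^(?:ip\s+)?access-list\s+(\S+)\s+((?:permit|deny)\s.+)$")
# Constructed sample input (documentation address ranges, not from the post).
SAMPLE = """\
ip access-list 107 deny ip 192.0.2.0 0.0.0.255 any
ip access-list 107 permit tcp any host 198.51.100.10 eq 22
ip access-list 107 deny ip any any
"""

def _is_ipv4(tok):
    try:
        ipaddress.IPv4Address(tok)
        return True
    except ValueError:
        return False

def _prefix_len(wildcard):
    # Invert the wildcard into a netmask; a 0 followed by a 1 is non-contiguous.
    bits = f"{int(ipaddress.IPv4Address(wildcard)) ^ 0xFFFFFFFF:032b}"
    return None if "01" in bits else bits.count("1")

def _normalize(rule):
    # Rewrite "addr wildcard" pairs as addr/len; leave everything else alone.
    toks, out, i = rule.split(), [], 0
    while i < len(toks):
        pair = toks[i:i + 2]
        if toks[i] == "host" and len(pair) == 2:
            out += pair  # "host <addr>" is kept as written
            i += 2
        elif len(pair) == 2 and all(_is_ipv4(t) for t in pair):
            plen = _prefix_len(pair[1])
            out.append(f"{pair[0]}/{plen}" if plen is not None else " ".join(pair))
            i += 2
        else:
            out.append(toks[i])
            i += 1
    return " ".join(out)

def to_nested(config):
    # Group entries by ACL name, then emit the name once with rules beneath it.
    acls = {}
    for line in config.splitlines():
        m = ONE_LINE.match(line.strip())
        if m:
            acls.setdefault(m.group(1), []).append(" " + _normalize(m.group(2)))
    return "\n".join("\n".join([f"ip access-list {n}"] + r) for n, r in acls.items())
```

Calling `to_nested(SAMPLE)` returns a single "ip access-list 107" block with the three rules beneath it in their original order, which matters because ACL entries are evaluated top down.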
