Anda di halaman 1dari 2

Using ACL on Alcatel Layer 3 Switches ( OmniSwitch AOS Release 6):

=============================================
Quick Steps for Creating ACLs
The following steps provide a quick tutorial for creating a standard ACL using
the ACLMAN shell:
1. Activate the ACLMAN shell using the aclman CLI command.
-> aclman
Welcome to ACLMAN
Aclman#
When the shell goes operational, the Privileged Exec Mode is automatically acti
vated.
2. Enter the configure terminal command to access the Global Configuration Mode
.
Aclman#configure terminal
Aclman(config)#
3. Use the access-list command to create a standard ACL that will permit traffi
c originating from a specific IP network.
Aclman(config)#access-list 1 permit 10.0.0.0 0.255.255.255
4. Use the interface ethernet command to enter the Interface Configuration Mode
for a specific ethernet switch port.
To specify the switch port, enter the slot number followed by a slash and th
e port number on that slot (e.g. 3/1 specifies port 1 on slot 3).
Aclman(config)#interface ethernet 1/1
Aclman(config-if)#
5. Use the ip access-group command to associate the access list created in Step
3 as a filter for either incoming (in) or outgoing (out) traffic on port 1/1.
Aclman(config-if)#ip access-group 1 in
6. Enter the exit command to return to the Global Configuration Mode to create
additional ACL entries or enter the end command to return to the Privileged Exec
Mode.
Aclman(config-if)#end
7. Optional:In the Privileged Exec Mode, use the show ip access-lists command t
o verify the ACL configuration. The display is similar to the following:
Aclman#show ip access-lists
Standard IP access list 110 permit 10.0.0.0, wildcard bits 0.255.255.255

8. In the Privileged Exec Mode, use the write memory command to save the runnin
g ACL configuration. Note that if this is not done,
the ACL configuration is lost on the next reboot of the switch.

Aclman#write memory
9. To close the ACLMAN shell and return to the Alcatel-Lucent CLI, access the P
rivileged Exec Mode and use the exit command.
Note that when modes other than the Privileged Exec Mode are active, the exi
t command returns to the previous mode and does not close the ACLMAN shell.
For example:
Aclman(config-if)#exit
Aclman(config)#exit
Aclman#exit
---:The End:---