Problem for me at the moment - Cisco Community

907

Views

0

Helpful

1

Replies

Hi All

I need to configure an acl on a vlan on a nexus 7000.

Now i have a guide but i want to convert an old style access list with permits denys and finally a deny

all at the end into a nexus 7000 acl

so

Do i do it like this ..

conf t

vlan access-map acl-map
  match mac address acl-mac-01  (permits)
  action forward 
  match mac address acl-drop1 (denys)
  action drop
  match mac address acl-perm02 (permits)
action forward 
  match mac address acl-drop2 (deny all)
  action drop

vlan filter acl-map vlan-list 50-82

Is that correct because the guide i have doesnt specify if you can ghave multiple acls on an acl-map or not

Otherwise how can you use an acl with multiple alternating permits and denies ?

Steve

W

1 Reply 1

Problem for me at the moment is i wanted to do some specific permits

followed by some specific drops , followed by some specific permits

It seems i cannot do this so i am stuck !

Ip access-list acl-mac-01

10 remark is Guest for forescout

20 permit ip any xxx.xx.xxx.0/24 eq 8080

30 permit ip any xxx.xx.xxx.0/24 eq 9997-9998

Ip access-list acl-drop-01

10 deny ip any xxx.xx.0.0/16

20 deny ip any 10.0.0.0/8

Ip access-list acl-perm02

10 permit ip any any eq 443

20 permit ip any any eq 80

Steve

Learn, share, save

Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.

New here? Get started with these tips. How to use Community New member guide

Log in to Community

Review Cisco Networking for a $25 gift card