ip access-group
This command associates an access list with an IP interface. Refer to the "access-list" command documentation for more information.
To remove an access list association, use the no format of the command.
Syntax
ip access-group <acl-id> in ip access-group <acl-id> out no ip access-group <acl-id>
|
Command |
Description |
|---|---|
|
<acl-id> |
Identifies the access list to use (number or name). |
|
in |
The access list will control inbound traffic on the interface. |
|
out |
The access list will control outbound traffic on the interface. |
Default
The default setting for IP interfaces is no access-group, i.e. unlimited traffic.
Command Mode
This command is issued in interface context.
Example
This example associates an access list with a VLAN interface:
(conf-if-VLAN 1)# ip access-group 2001 in