ip port access-group (session)

To apply an IPv4 access control list (ACL) to an interface as a port ACL, use the ip port access-group command. To remove an IPv4 ACL from an interface, use the no form of this command.

ip port access-group access-list-name {in | out}

no ip port access-group access-list-name {in | out}

Syntax Description

access-list-name

Name of the IPv4 ACL. The name can be up to 64 alphanumeric, case-sensitive characters long.

in

Specifies that the ACL applies to inbound traffic.

out

Specifies that the ACL applies to outbound traffic.


Command Default

None

Command Modes

Session interface configuration mode

Command History

Release
Modification

4.0(0)N1(1)

This command was introduced.


Examples

This example shows how to apply an IPv4 ACL named ip-acl-01 to the Ethernet interface 1/2 as a port ACL:

switch# configure session MySession1 
switch(config-s)# interface ethernet 1/2 
switch(config-s-if)# ip port access-group ip-acl-01 in 
switch(config-s-if)#

This example shows how to remove an IPv4 ACL named ip-acl-01 from Ethernet interface 1/2:

switch(config-s)# interface ethernet 1/2 
switch(config-s-if)# no ip port access-group ip-acl-01 in 
switch(config-s-if)#

Related Commands

Command
Description

show access-lists

Displays all ACLs.

show configuration session

Displays the contents of the session.