Ethernet Switches & Routers

Reply
Contributor
Posts: 31
Registered: ‎02-10-2011

How to apply acl in a Brocade port

Hi all,

I'm trying to apply an extended inbound ACL in a switch port. For example 1/1/10. It's a Fastiron FCX624S with 7.1 firmware.

The user's manual of version 7.2 it says ip access-list 100 in the interface that you want to apply it.

This command not exist and i can't apply the ACL.

¿What i need to do to apply an extended ACL in a port of a Brocade FCX624S switch?

Please, can you help me?

Contributor
Posts: 31
Registered: ‎02-10-2011

Re: How to apply acl in a Brocade port

In the manual of the 7.1 version says exactly in the page 658

FastIron(config)#ip access-list extended “block Telnet”

FastIron(config-ext-nACL)#deny tcp host 209.157.22.26 any eq telnet log

FastIron(config-ext-nACL)#permit ip any any

FastIron(config-ext-nACL)#exit

FastIron(config)#int eth 1/1

FastIron(config-if-1/1)#ip access-group “block Telnet” in

When i try to use this command it not exists ¡¡¡¡ ip access-group not exists when i am in the interface configuration mode. Please help.

Super Contributor
Posts: 1,087
Registered: ‎12-13-2009

Re: How to apply acl in a Brocade port

Hi,

     I would think you are running layer 2 code and that is why you cannot apply a layer 3 ACL.

Do a 'show flash' and a 'show ver'  to check

by default you will be running layer 2 code

use http://community.brocade.com/docs/DOC-1842 to check what version you arew running and how to boot layer3 if you .need.

Thanks

Michael.

Contributor
Posts: 31
Registered: ‎02-10-2011

Re: How to apply acl in a Brocade port

Thanks for the reply but i'm using a layer 3 firmware and the switch uses, for example, OSPF.

Stack unit 1:

  Compressed Pri Code size = 5258402, Version:07.1.00aT7f3 (FCXR07100a.bin)

  Compressed Sec Code size = 5258402, Version:07.1.00aT7f3 (FCXR07100a.bin)

  Compressed Boot-Monitor Image size = 369286, Version:07.0.01T7f5

  Code Flash Free Space = 54394880

Stack unit 2:

  Compressed Pri Code size = 5258402, Version 07.1.00aT7f3 (FCXR07100a.bin)

  Compressed Sec Code size = 5258402, Version 07.1.00aT7f3 (FCXR07100a.bin)

  Compressed Boot-Monitor Image size = 369286, Version 07.0.01T7f5

Super Contributor
Posts: 1,087
Registered: ‎12-13-2009

Re: How to apply acl in a Brocade port

Ok I think you need to 'enable ACL-per-port-per-vlan'

This should enable to the ip access group command.

Now I am not sure if after entering the command you need to reboot, so please give it a try.

Thanks

Michael.

Contributor
Posts: 31
Registered: ‎02-10-2011

Re: How to apply acl in a Brocade port

Hi mschip ,

I have tryed using this command and rebooting the switch after write mem.

I have the same problem. This command not exists and i can't apply an extended acl to a port of the switch.

?¿¿?

thanks,

Contributor
Posts: 31
Registered: ‎02-10-2011

Re: How to apply acl in a Brocade port

I think i have found a form to apply it only in a port of the Virtual interface.

I'm going to test it.

router(config-vif-1)#ip access-group 101 in ethernet 1/1/10

Contributor
Posts: 50
Registered: ‎01-07-2011

Re: How to apply acl in a Brocade port

What were the results of your test?

Contributor
Posts: 31
Registered: ‎02-10-2011

Re: How to apply acl in a Brocade port

It worked correctly. Thanks.

Join the Community

Get quick and easy access to valuable resource designed to help you manage your Brocade Network.