Ethernet Switches & Routers

Reply
Contributor
Posts: 31
Registered: ‎02-10-2011

How to apply acl in a Brocade port

Hi all,

I'm trying to apply an extended inbound ACL in a switch port. For example 1/1/10. It's a Fastiron FCX624S with 7.1 firmware.

The user's manual of version 7.2 it says ip access-list 100 in the interface that you want to apply it.

This command not exist and i can't apply the ACL.

¿What i need to do to apply an extended ACL in a port of a Brocade FCX624S switch?

Please, can you help me?

Contributor
Posts: 31
Registered: ‎02-10-2011

Re: How to apply acl in a Brocade port

In the manual of the 7.1 version says exactly in the page 658

FastIron(config)#ip access-list extended “block Telnet”

FastIron(config-ext-nACL)#deny tcp host 209.157.22.26 any eq telnet log

FastIron(config-ext-nACL)#permit ip any any

FastIron(config-ext-nACL)#exit

FastIron(config)#int eth 1/1

FastIron(config-if-1/1)#ip access-group “block Telnet” in

When i try to use this command it not exists ¡¡¡¡ ip access-group not exists when i am in the interface configuration mode. Please help.

Super Contributor
Posts: 1,087
Registered: ‎12-13-2009

Re: How to apply acl in a Brocade port

Hi,

     I would think you are running layer 2 code and that is why you cannot apply a layer 3 ACL.

Do a 'show flash' and a 'show ver'  to check

by default you will be running layer 2 code

use http://community.brocade.com/docs/DOC-1842 to check what version you arew running and how to boot layer3 if you .need.

Thanks

Michael.

Contributor
Posts: 31
Registered: ‎02-10-2011

Re: How to apply acl in a Brocade port

Thanks for the reply but i'm using a layer 3 firmware and the switch uses, for example, OSPF.

Stack unit 1:

  Compressed Pri Code size = 5258402, Version:07.1.00aT7f3 (FCXR07100a.bin)

  Compressed Sec Code size = 5258402, Version:07.1.00aT7f3 (FCXR07100a.bin)

  Compressed Boot-Monitor Image size = 369286, Version:07.0.01T7f5

  Code Flash Free Space = 54394880

Stack unit 2:

  Compressed Pri Code size = 5258402, Version 07.1.00aT7f3 (FCXR07100a.bin)

  Compressed Sec Code size = 5258402, Version 07.1.00aT7f3 (FCXR07100a.bin)

  Compressed Boot-Monitor Image size = 369286, Version 07.0.01T7f5

Super Contributor
Posts: 1,087
Registered: ‎12-13-2009

Re: How to apply acl in a Brocade port

Ok I think you need to 'enable ACL-per-port-per-vlan'

This should enable to the ip access group command.

Now I am not sure if after entering the command you need to reboot, so please give it a try.

Thanks

Michael.

Contributor
Posts: 31
Registered: ‎02-10-2011

Re: How to apply acl in a Brocade port

Hi mschip ,

I have tryed using this command and rebooting the switch after write mem.

I have the same problem. This command not exists and i can't apply an extended acl to a port of the switch.

?¿¿?

thanks,

Contributor
Posts: 31
Registered: ‎02-10-2011

Re: How to apply acl in a Brocade port

I think i have found a form to apply it only in a port of the Virtual interface.

I'm going to test it.

router(config-vif-1)#ip access-group 101 in ethernet 1/1/10

Contributor
Posts: 50
Registered: ‎01-07-2011

Re: How to apply acl in a Brocade port

What were the results of your test?

Contributor
Posts: 31
Registered: ‎02-10-2011

Re: How to apply acl in a Brocade port

It worked correctly. Thanks.

Join the Community

Get quick and easy access to valuable resource designed to help you manage your Brocade Network.

vADC is now Pulse Secure
Download FREE NVMe eBook