Can anyone please assist me with access list , show me how to create access list using cli command on EXOS

  • 0
  • 1
  • Problem
  • Updated 2 years ago
  • Solved
Access list 
Photo of Siva

Siva

  • 710 Points 500 badge 2x thumb

Posted 2 years ago

  • 0
  • 1
Photo of Patrick Voss

Patrick Voss, Employee

  • 11,484 Points 10k badge 2x thumb
Here is an article that explains how to create and apply an ACL:

https://gtacknowledge.extremenetworks.com/articles/How_To/How-to-create-and-apply-an-ACL-in-EXOS
Photo of Paul Russo

Paul Russo, Alum

  • 9,694 Points 5k badge 2x thumb
Hello Sivyile

In XoS there are dynamic ACLs that you can execute on the cli and are usually in used until the switch is rebooted.  A permanent ACL is done using a policy file.  This file can be created using the CLI using the built in VI editor.

I am assuming you need the permanent version.  What I would recommend is to create the file using notepad on the computer and then transferring it to the switch using FTP or the newer web management of the switch (21.x)

The best way to do this initially is to go into the concepts guide and copy the example that is in there and paste it to notepad then manipulate it.

If there is something specific you need to do with the ACL let us know and we can create it for you but need the data

Thanks
P
Photo of Henrique

Henrique, Employee

  • 10,302 Points 10k badge 2x thumb
Hi Sivuyile, please see the Articles below:

How to create and apply an ACL in EXOS

Another option (CLI instead of Policy file) is using Dynamic ACL. You can see an example in the User Guide in the link below:

http://documentation.extremenetworks.com/exos/exos_21_1/acl/t_create-the-dynamic-acl-rule.shtml
Photo of Siva

Siva

  • 710 Points 500 badge 2x thumb
Thanks Guys let me look on the link and see what i'm gone come up with , 
(Edited)
Photo of Christina Brunk

Christina Brunk, Employee

  • 496 Points 250 badge 2x thumb
Here's our ACL Solutions Guide. It is a bit outdated but may provide the information you are looking for...http://documentation.extremenetworks.com/PDFs/EXOS/ACL_Solutions_Guide.pdf
Photo of Siva

Siva

  • 710 Points 500 badge 2x thumb
Hi

My problem now on VI  I am unable to save my access list and go back to command line i have try to use :w  for save and :wq to write and quit it seems both commands are not working can some please help me ... 

I'm not too sure if i'm allowed to past what i was doing here ?

Thnaks 
Photo of Stephen Williams

Stephen Williams, Employee

  • 8,838 Points 5k badge 2x thumb
Have you exited insert mode?  If there is a capital "I" in the bottom left your in insert mode. 
Press:
  1. esc
  2. :
  3. wq
  4. enter
Photo of Stephen Williams

Stephen Williams, Employee

  • 8,838 Points 5k badge 2x thumb
Sure,  What version of EXOS are you running.  I like Paul's idea with 21.1 with the new web editor.
Photo of Henrique

Henrique, Employee

  • 10,302 Points 10k badge 2x thumb
If you are able to exit from "insert mode", you can try some alternatives as follows:
  1. esc
  2. :x
  3. enter
or
  1. esc
  2. ZZ
Photo of Siva

Siva

  • 710 Points 500 badge 2x thumb
Thanks ZZ works 
Photo of Henrique

Henrique, Employee

  • 10,302 Points 10k badge 2x thumb
Great! :-)

Maybe ":" is not being recognized for some reason. 
Photo of Siva

Siva

  • 710 Points 500 badge 2x thumb
thanks  i can go back to the command line now when i type ZZ , but now my configure look like has not been saved 

when i want to use my file its  not found 
Photo of Siva

Siva

  • 710 Points 500 badge 2x thumb
Core-Switch.30 #  show version

Image   : ExtremeXOS version 21.1.1.4 21.1.1.4-patch1-2 by release-manager          on Fri Apr 15 12:41:44 EDT 2016
BootROM : 1.0.1.7
Diagnostics : 5.3
Photo of Siva

Siva

  • 710 Points 500 badge 2x thumb
Please see results 

Core-Switch.31 # vi packetcounter.pol
entry packecounter {
if match all {
source-address 192.168.31.122/32;
destination-address 192.168.32.41./32;
} then {
count test ;
permit ;
}
}
:w
:wq
:q!
 
 
 
 
 
 
~
Photo of Siva

Siva

  • 710 Points 500 badge 2x thumb
When I use the :wq or :q!  and press enter it take me to the next line 
Photo of Patrick Voss

Patrick Voss, Employee

  • 11,474 Points 10k badge 2x thumb
When you get into VI you have to press "i" to type. After the entry is finished press escape. This should put the cursor at the bottom blinking. Type in :wq then enter.
Photo of Stephen Williams

Stephen Williams, Employee

  • 8,838 Points 5k badge 2x thumb
I think your not getting out of insert mode.  make sure the "I" changed to a "-" before you do :wq
Photo of Henrique

Henrique, Employee

  • 10,302 Points 10k badge 2x thumb
Try to press "esc" many times and then ":wq".

Are you using console or telnet access? I'm wondering if that could be something with terminal emulator. If you are using console access, try via telnet.
Photo of Siva

Siva

  • 710 Points 500 badge 2x thumb
I'm using console okay let me add the switch to the network so that i can use telnet ...
Photo of Paul Russo

Paul Russo, Alum

  • 9,694 Points 5k badge 2x thumb
What emulator are you using? Is it set to VT100?