EXOSVM access-list help

jasiowski
New Contributor

Hello, I have a lab in GNS3 with 2 PCs, an EXOS VM switch and an Ubuntu server with www on Apache and SSH. How can I connect PC1 only to the www site and PC2 only to SSH? How can I use an ACL to do it? Any advice?
I’m glad for any help.

Miguel-Angel_RO
Valued Contributor II

Jasiowski,

Here from my cheat sheet:

#STATIC = from a policy

    '1-Check if there are enough ACL resources available
    '2-Create a STATIC ACL policy file
    #edit policy <policy-name>.pol 'edit = vi
    # entry <rule-name> {
    # if {<condition>;}
    # then{<actions>;}
    # }
    edit policy denyTelnet.pol
        entry noTelnet {
        if {
            destination-address 10.1.10.1/32;
            source-address 10.1.10.101/32;
            protocol tcp;
            destination-port 23;
            }
        then {
            deny;
            }
        }
    '3-Save or copy the policy file to the flash as .pol
    '4-Check the policy for syntax errors
    check policy <policy-name>
    '5-Apply the policy to port(s), VLAN(s) or any "wildcard"
        #immediately applied
        #precedence is port, VLAN, wildcard
    configure access-list <policy-name>.pol ports <ports_numbers> [ingress|egress]
    configure access-list <policy-name>.pol vlan <vlan_name|vlan_ID> [ingress|egress]
    configure access-list <policy-name>.pol any [ingress|egress]
    refresh policy <policy_name> 'will refresh the deployment of the policy
    '6-VERIFY
    show policy
    show policy <policy-name>
    show access-list

Mig
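
A policy file for the scenario in the question (PC1 reaches only the web site, PC2 reaches only SSH), written in the same entry format as the cheat sheet above. This is an added example, not part of either post; the file name, entry names and all three IP addresses are assumptions, as are the ports (Apache on TCP 80, SSH on TCP 22).

```text
# webSshOnly.pol  (hypothetical file name; all addresses below are constructed)
# Assumed: server 10.1.10.1, PC1 10.1.10.101, PC2 10.1.10.102
# Assumed: Apache listens on TCP 80 (add a matching entry for 443 if HTTPS is used)

# PC1 may reach the web server only
entry pc1Web {
    if {
        source-address 10.1.10.101/32;
        destination-address 10.1.10.1/32;
        protocol tcp;
        destination-port 80;
    }
    then {
        permit;
    }
}

# PC2 may reach SSH only
entry pc2Ssh {
    if {
        source-address 10.1.10.102/32;
        destination-address 10.1.10.1/32;
        protocol tcp;
        destination-port 22;
    }
    then {
        permit;
    }
}

# Entries are evaluated top to bottom and a packet that matches no entry is
# permitted, so everything else addressed to the server needs an explicit deny.
# ARP is not IP traffic and is not matched by this entry.
entry denyRestToServer {
    if {
        destination-address 10.1.10.1/32;
    }
    then {
        deny;
    }
}
```

Check and apply it with steps 4 and 5 of the cheat sheet, ingress on the ports facing PC1 and PC2, so that the server's replies, which enter on a different port, are not filtered by the final deny.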
