Skip to main content
Cisco SD-WAN
Support
Product Documentation
Viptela Documentation

access-list

policy access-list, vpn interface access-list—Configure or apply an IPv4 access list (on vEdge routers only).

Command Hierarchy

Create an Access List

policy
  access-list acl-name
    default-action action
    sequence number
      match
        class class-name
        destination-data-prefix-list list-name 
        destination-ip prefix/length 
        destination-port number
        dscp number
        packet-length number
        plp (high | low)
        protocol number
        source-data-prefix-list list-name 
        source-ip prefix-length 
        source-port number
        tcp flag
      action
        drop
          count counter-name
          log
        accept
          class class-name
          count counter-name 
          log
          mirror mirror-name
          policer policer-name
          set dscp value
          set next-hop ipv4-address

Apply an Access List

vpn vpn-id
  interface interface-name
    access-list acl-name (in | out)

Options

Access List Name
acl-name
Name of the access list to configure or to apply to the interface.
Direction in which to Apply Access List
(in | out)
Direction in which to apply the access list. Applying it in the inbound direction (in) affects packets being received on the interface. Applying it in the outbound direction (out) affects packets being transmitted on the interface.

Example

Apply an access list to an interface in VPN 1:

vpn 1
  interface ge0/4
    ip address 10.20.24.15/24
    no shutdown
    access-list acl1 in

Release Information

Command introduced in Viptela Software Release 14.1.​

Additional Information

See the Configuring Localized Data Policy for IPv4, Forwarding and QoS Overview, and Forwarding and QoS Configuration Examples articles for your software release.
access-list (for IPv6)

  • Was this article helpful?