TFTP: Uploading an ACL command file from a TFTP server (CLI)
Syntax:
copy tftp command-file <ip-addr> <filename.txt> {<unix | pc>}
Copies and executes the named text file from the specified TFTP server address and executes the ACL commands in the file.
<ip-addr>
|
The IP address of a TFTP server available to the switch |
<filename.txt>
|
A text file containing ACL commands and stored in the TFTP directory of the server identified by ip-addr |
{<unix | pc>} |
The type of workstation used for serial, Telnet, or SSH access to the switch CLI |
running-config
file:
Creates a new ACL.
Replaces an existing ACL. (See "Creating an ACL Offline" in the "Access Control Lists (ACLs)" in the latest access security guide for your switch.)
Adds to an existing ACL
Example:
Suppose you:
Created an ACL command file named
vlan10_in.txt
to update an existing ACL.Copied the file to a TFTP server at 18.38.124.16.
Using a PC workstation, you then execute the following from the CLI to upload the file to the switch and implement the ACL commands it contains:
switch(config)# copy tftp command-file 18.38.124.16 vlan10_in.txt pc
The switch displays this message:
Running configuration may change, do you want to continue [y/n]?
To continue with the upload, press the [Y] key. To abort the upload, press the [N] key. Note that if the switch detects an illegal (non-ACL) command in the file, it bypasses the illegal command, displays a notice (as shown in Using the copy command to download and configure an ACL ), and continues to implement the remaining ACL commands in the file.
1This message indicates that the
show running
command just above it is not an ACL command and will be ignored by the switch.
2Manually executing the
show running
from the CLI indicates that the file was implemented, creating ACL 155 in the switch’s running configuration.