Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

difference between access-group & access-class

what is the difference between access group and access class commands.Which one is better and under what conditions are each used

1 ACCEPTED SOLUTION

Accepted Solutions
Silver

Re: difference between access-group & access-class

Hello athambi,

access-group [in|out] is used to tie an access-list to an interface.

access-class [in|out] is used to tie an access-list to vty lines.

So in case you want to prevent incoming network traffic on port 80 through Ethernet 0/0 you use

int E0/0

ip access-group 123 in

In case you want to allow only your PC from accessing the VTY via telnet/SSH use

line vty 0 4

ip access-class 1 in

HTH

--Leon

* Please rate posts.

2 REPLIES
Silver

Re: difference between access-group & access-class

Hello athambi,

access-group [in|out] is used to tie an access-list to an interface.

access-class [in|out] is used to tie an access-list to vty lines.

So in case you want to prevent incoming network traffic on port 80 through Ethernet 0/0 you use

int E0/0

ip access-group 123 in

In case you want to allow only your PC from accessing the VTY via telnet/SSH use

line vty 0 4

ip access-class 1 in

HTH

--Leon

* Please rate posts.

Re: difference between access-group & access-class

Hi

Access-group is used to bind a access-list with a particular interface.

access-class is used to bind a access-list to VTY lines.

in order to restrict access through telnet.

Thanks

Mahmood

1399
Views
3
Helpful
2
Replies
CreatePlease login to create content