Hello Ganil,
An extended ACL can permit or deny traffic based on both the source and destination address(s) as well as tcp/udp/icmp trafic types.
For an extended ACL ID, use either a unique number in the range of 100-199 or a unique name string of up to 64 alphanumeric characters
Example ,
Aruba-Switch(Config)#ip access-list extended “Abcd” (Creates an extended access list Abcd)
Aruba-Switch(config-ext-nacl)#10 deny tcp 0.0.0.0 255.255.255.255 192.168.1.2 0.0.0.0 eq 25 (Denies everyone access to port 25 on 192.168.1.2)
Aruba-Switch(config-ext-nacl)#20 permit ip 0.0.0.0 255.255.255.255 0.0.0.0 255.255.255.255 (Permit any to any for any IP service)
Aruba-Switch(vlan10)#ip access-group “Abcd” in (Applies the access list 100 in an inbound direction for vlan 10)
Aruba-Switch(Config)#show access-list (Displays configured access-lists)