32-8
Catalyst 3750 Switch Software Configuration Guide
OL-8550-02
Chapter 32 Configuring Network Security with ACLs
Configuring IPv4 ACLs
The software supports these types of ACLs or access lists for IPv4:
• Standard IP access lists use source addresses for matching operations.
• Extended IP access lists use source and destination addresses for matching operations and optional
protocol-type information for finer granularity of control.
These sections describe access lists and how to create them:
• Access List Numbers, page 32-8
• ACL Logging, page 32-9
• Creating a Numbered Standard ACL, page 32-10
• Creating a Numbered Extended ACL, page 32-11
• Resequencing ACEs in an ACL, page 32-15
• Creating Named Standard and Extended ACLs, page 32-15
• Using Time Ranges with ACLs, page 32-17
• Including Comments in ACLs, page 32-19
Access List Numbers
The number you use to denote your ACL shows the type of access list that you are creating. Table 32-1
lists the access-list number and corresponding access list type and shows whether or not they are
supported in the switch. The switch supports IPv4 standard and extended access lists, numbers 1 to 199
and 1300 to 2699.
Table 32-1 Access List Numbers
Access List Number Type Supported
1–99 IP standard access list Yes
100–199 IP extended access list Yes
200–299 Protocol type-code access list No
300–399 DECnet access list No
400–499 XNS standard access list No
500–599 XNS extended access list No
600–699 AppleTalk access list No
700–799 48-bit MAC address access list No
800–899 IPX standard access list No
900–999 IPX extended access list No
1000–1099 IPX SAP access list No
1100–1199 Extended 48-bit MAC address access list No
1200–1299 IPX summary address access list No
1300–1999 IP standard access list (expanded range) Yes
2000–2699 IP extended access list (expanded range) Yes
To Next Page
Loading...
Need help?
General
