Access Control
ACL Binding
Cisco 500 Series Stackable Managed Switch Administration Guide 594
27
• Type of Service—The service type of the IP packet.
• ICMP—If the ACL is based on ICMP, select the ICMP message type that is
used for filtering purposes. Either select the message type by name or enter
the message type number. If all message types are accepted, select Any.
- Any—All message types are accepted.
- Select from list—Select message type by name from the drop-down list.
- ICMP Type to Match—Number of message type that is to be used for
filtering purposes.
• ICMP Code—The ICMP messages may have a code field that indicates how
to handle the message. Select one of the following options, to configure
whether to filter on this code:
- Any—Accept all codes.
- User Defined—Enter an ICMP code for filtering purposes.
STEP 5 Click Apply.
ACL Binding
When an ACL is bound to an interface (port, LAG or VLAN), its ACE rules are applied
to packets arriving at that interface.
Packets that do not match any of the ACEs in
the ACL are matched to a default rule, whose action is to drop unmatched packets.
Although each interface can be bound to only one ACL, multiple interfaces can be
bound to the same ACL by grouping them into a policy-map, and binding that
policy-map to the interface.
After an ACL is bound to an interface, it cannot be edited, modified, or deleted until
it is removed from all the ports to which it is bound or in use.
NOTE It is possible to bind an interface (port, LAG or VLAN) to a policy or to an ACL, but
they cannot be bound to both a policy and an ACL.
To bind an ACL to a VLAN:
STEP 1 Click Access Control > ACL Binding (VLAN).
STEP 2 Select a VLAN and click Edit.
To Next Page
Loading...
Need help?
General
