62-31
Catalyst 4500 Series Switch, Cisco IOS Software Configuration Guide - Cisco IOS XE 3.9.xE and IOS 15.2(5)Ex
Chapter 62 Configuring Network Security with ACLs
Configuring PACLs
Figure 62-6 Applying ACLs on Routed Packets
Configuring PACLs
This section describes how to configure PACLs, which are used to control filtering on Layer 2 interfaces.
PACLs can filter traffic to or from Layer 2 interfaces based on Layer 3 information, Layer 4 head
information or non-IP Layer 2 information.
This section includes these topics:
• Creating a PACL, page 62-31
• PACL Configuration Guidelines, page 62-32
• Removing the Requirement for a Port ACL, page 62-32
• Webauth Fallback, page 62-33
• Configuring IPv4, IPv6, and MAC ACLs on a Layer 2 Interface, page 62-33
• Using PACL with Access-Group Mode, page 62-34
• Configuring Access-group Mode on Layer 2 Interface, page 62-35
• Applying ACLs to a Layer 2 Interface, page 62-35
• Displaying an ACL Configuration on a Layer 2 Interface, page 62-36
Creating a PACL
To create a PACL and apply it to one or more interfaces, follow these steps:
Step 1 Create the standard or extended IPv4 ACLs, IPv6 ACLs, or named MAC extended ACLs that you want
to apply to the interface.
Frame
Routing function
VLAN 10
Host A
(VLAN 10)
Packet
94157
Catalyst 4500 series switch
VLAN 20
Host B
(VLAN 20)
VLAN 10
map
Input
router
ACL
Output
router
ACL
VLAN 20
map
To Next Page
Loading...
