Access Control
Configuring IPv4-based ACLs
Cisco 220 Series Smart Switches Administration Guide Release 1.1.0.x 239
17
Configuring IPv4-based ACLs
IPv4-based ACLs are used to check IPv4 packets, while other types of frames,
such as ARPs, are not checked.
The following fields can be matched:
• IP protocol (by name for well known protocols or directly by value)
• Source/destination IP addresses (including wildcards)
• Source/destination ports for TCP/UDP traffic
• Flag values for TCP frames
• DSCP/IP-precedence value
• ICMP and IGMP type and code
NOTE ACLs are also used as the building elements of flow definitions for per-flow QoS
handling (see Configuring QoS Advanced Mode).
IPv4-based ACLs are defined on the IPv4-Based ACL page. The rules are defined
on the IPv4-Based ACE page.
IPv6-based ACLs are defined on the IPv6-Based ACL page.
To define an IPv4-based ACL:
STEP 1 Click Access Control > IPv4-Based ACL.
The IPv4-Based ACL Table displays all currently defined IPv4-based ACLs.
STEP 2 To add a new IPv4-based ACL, click Add.
STEP 3 Enter the name of the new ACL in the ACL Name field. The names are
case-sensitive.
STEP 4 Click Apply. The IPv4-based ACL is defined, and the Running Configuration is
updated.
STEP 5 Click IPv4-Based ACE Table.
The IPv4-Based ACE page opens. You can view and/or add rules to this IPv4-
based ACL. See Configuring IPv4-Based ACEs for more details.
To Next Page
Loading...
