1-1
1 ACL Configuration
This chapter includes these sections:
z ACL Overview
z ACL Configuration Task List
z Configuring an ACL
z Creating a Time Range
z Configuring a Basic ACL
z Configuring an Advanced ACL
z Configuring an Ethernet Frame Header ACL
z Copying an ACL
z Applying an ACL for Packet Filtering
z Displaying and Maintaining ACLs
z ACL Configuration Examples
ACL Overview
Introduction
An access control list (ACL) is a set of rules (that is, a set of permit or deny statements) for identifying
traffic based on matching criteria such as source address, destination address, and port number. The
selected traffic will then be permitted or rejected by predefined security policies.
ACLs are widely used in technologies where traffic identification is desired, such as packet filtering and
QoS.
Application of ACLs on the Switch
The switch supports two ACL application modes:
z Hardware-based application: An ACL is assigned to a piece of hardware. For example, an ACL is
applied to an Ethernet interface or VLAN interface for packet filtering or is referenced by a QoS
policy for traffic classification. Note that when an ACL is referenced to implement QoS, the actions
defined in the ACL rules, deny or permit, do not take effect; actions to be taken on packets
matching the ACL depend on the traffic behavior definition in QoS. For details about traffic
behavior, refer to the QoS Configuration.
To Next Page
Loading...
Need help?
General