IPv4 Access Control Lists (ACLs)
Introduction
Feature                               Default  Menu  CLI   Web
Numbered ACLs
  Standard ACLs                       None     —     9-40  —
  Extended ACLs                       None     —     9-45  —
Named ACLs                                     —     9-51  —
Enable or Disable an ACL                       —     9-53  —
Display ACL Data                      n/a      —     9-55  —
Delete an ACL                         n/a      —     9-54  —
Configure an ACL from a TFTP Server   n/a      —     9-64  —
Enable ACL Logging                    n/a      —     9-69  —
Show ACL Resources                    n/a      —     9-20  —
Access-List Resources Help            n/a      —     9-19  —
ACL Applications
ACLs can filter traffic from a host, a group of hosts, or from entire subnets.
Where it is necessary to apply ACLs to filter traffic from outside a network or
subnet, applying ACLs at the edge of the network or subnet removes unwanted
traffic as soon as possible, and thus helps to improve system performance.
ACLs filter inbound traffic only and can rapidly consume switch resources.
For these reasons, the best places to apply ACLs are on “edge” ports where
ACLs are likely to be less complex and resource-intensive.
Optional Network Management Applications
ACLs through a RADIUS server can also be augmented using the Identity-Driven
Management (IDM) application available for use with PCM. However,
the features described in this chapter can be used without PCM or IDM
support, if desired.
For information on configuring client authentication on the switch, refer to
chapter 5, “RADIUS Authentication, Authorization, and Accounting”.