Access Control Lists (ACLs) for the Series 3400cl and Series 6400cl Switches 
ACL Operation 
Introduction 
An ACL is a list of one or more Access Control Entries (ACEs), where each 
ACE consists of matching criteria and an action (permit or deny). An ACL 
applies only to the switch in which it is configured. ACLs operate on assigned 
ports and static trunks, and filter these traffic types: 
■  Traffic entering the switch. (Note that ACLs screen traffic only on 
inbound ports and static trunks, not at any internal point where 
traffic moves between VLANs or subnets within the switch. Refer to 
“ACL Inbound Application Points” on page 10-9.) 
■  Switched or routed traffic entering the switch and having an IP 
address on the switch as the destination 
You can apply one inbound ACL to each port and static trunk configured on 
the switch. The complete range of options per interface includes: 
■  No ACL assigned. (In this case, all traffic entering the switch on the 
interface does so without any ACL filtering, which is the default.) 
■  One ACL assigned to filter the inbound traffic entering the switch on 
the interface. 
■  Multiple Assignments for the same ACL. (The switch allows one 
ACL assignment to an interface, but you can assign the same ACL to 
multiple interfaces.) 
Note  On a given port or trunk, after you assign an ACL, the default action is to deny 
any traffic that is not specifically permitted by the ACL.  (This applies only to 
the inbound traffic flow filtered by the ACL.) 
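
The following Python sketch is an added example, not part of the original manual: it models the per-interface behavior described above (no ACL means no filtering, one ACL per interface, the same ACL on several interfaces, and the default deny once an ACL is assigned). It assumes ACEs are tested in order with the first match deciding, matches on source IP only, and uses constructed ACL names, port numbers and addresses.

```python
import ipaddress

class InboundAclModel:
    """Simplified model: inbound ACLs per interface, matching on source IP only."""

    def __init__(self):
        self.acls = {}         # ACL name -> ordered list of (action, network)
        self.assignments = {}  # interface -> ACL name (at most one per interface)

    def define(self, name, aces):
        self.acls[name] = [(act, ipaddress.ip_network(net)) for act, net in aces]

    def assign(self, interface, name):
        if name not in self.acls:
            raise KeyError(f"ACL {name!r} is not defined")
        if interface in self.assignments:
            # Modelling choice to make the one-ACL-per-interface limit visible.
            raise ValueError(f"interface {interface} already has an ACL")
        self.assignments[interface] = name

    def filter_inbound(self, interface, src_ip):
        name = self.assignments.get(interface)
        if name is None:
            return "permit"            # no ACL assigned: traffic is not filtered
        src = ipaddress.ip_address(src_ip)
        for action, net in self.acls[name]:
            if src in net:
                return action          # assumed: first matching ACE decides
        return "deny"                  # default action once an ACL is assigned

def build_demo():
    """Constructed sample: ACL names, port numbers and addresses are made up."""
    sw = InboundAclModel()
    # Only a deny ACE: everything else falls through to the default deny.
    sw.define("DENY-ONLY", [("deny", "10.10.10.5/32")])
    # Same deny, followed by an explicit permit for all other sources.
    sw.define("DENY-THEN-PERMIT", [("deny", "10.10.10.5/32"), ("permit", "0.0.0.0/0")])
    sw.assign("1", "DENY-ONLY")
    sw.assign("2", "DENY-ONLY")         # same ACL on a second interface
    sw.assign("3", "DENY-THEN-PERMIT")  # port "4" is left without an ACL
    return sw

if __name__ == "__main__":
    sw = build_demo()
    for port in ("1", "2", "3", "4"):
        for src in ("10.10.10.5", "10.10.10.6"):
            print(f"port {port} src {src}: {sw.filter_inbound(port, src)}")
```

In this model, ports 1 and 2 drop traffic from 10.10.10.6 even though no ACE names that address, which is the effect of the default deny described in the Note.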