Vlan Maps - Cisco Catalyst 4500 series Administration Manual

Chapter 54 Configuring Network Security with ACLs
This example applies the extended named MAC ACL simple-mac-acl to interface FastEthernet 6/1
egress traffic:
Switch# configure terminal
Switch(config)# interface fast 6/1
Switch(config-if)# mac access-group simple-mac-acl out
Displaying an ACL Configuration on a Layer 2 Interface
To display information about an ACL configuration on Layer 2 interfaces, perform one of these tasks:
Command
Switch# show ip interface [interface-name]
Switch# show mac access-group interface
[interface-name]
Switch# show access-group mode interface
[interface-name]
This example shows that the IP access group simple-ip-acl is configured on the inbound direction of
interface fa6/1:
Switch# show ip interface fast 6/1
FastEthernet6/1 is up, line protocol is up
Inbound
Outgoing access list is not set
This example shows that MAC access group simple-mac-acl is configured on the inbound direction of
interface fa6/1:
Switch# show mac access-group interface fast 6/1
Interface FastEthernet6/1:
Inbound access-list is simple-mac-acl
Outbound access-list is not set
This example shows that access group merge is configured on interface fa6/1:
Switch# show access-group mode interface fast 6/1
Interface FastEthernet6/1:
Access group mode is: merge
Using PACL with VLAN Maps and Router ACLs
For PACLs, the interaction with Router ACLs and VACLs depends on the interface access group mode
as shown in
OL_28731-01
access list is simple-ip-acl
Table 54-1.
Software Configuration Guide—Release IOS XE 3.6.0E and IOS 15.2(2)E
Using PACL with VLAN Maps and Router ACLs
Purpose
Shows the IP access group configuration on the interface.
Shows the MAC access group configuration on the
interface.
Shows the access group mode configuration on the
interface.
54-33