Access Control; Acl; Ipv4 And Ipv6 Acls; Chapter - Cisco WAP125 Administrator's Manual

Access Control

This chapter describes how to configure the ACL and the quality of service (QoS) feature on the WAP device.
It contains the following topics:
•
•
•

ACL

Access Control Lists (ACLs) are a collection of permit and deny conditions, called rules, that provide security
by blocking unauthorized users and allowing authorized users to access specific resources. ACLs can block
any unwarranted attempts to reach network resources.
The WAP device supports up to 50 IPv4, IPv6, and MAC ACLs and up to 10 rules in each ACL. Each ACL
supports multiple interfaces.

IPv4 and IPv6 ACLs

Each ACL is a set of rules applied to traffic received by the WAP device. Each rule specifies whether the
contents of a given field should be used to permit or deny access to the network. Rules can be based on various
criteria and may apply to one or more fields within a packet, such as the source or destination IP address, the
source or destination port, or the protocol carried in the packet. The IP ACLs classify traffic for Layers 3 and
4.
There is an implicit deny at the end of every rule created. To avoid denying all, we strongly recommend
Note
that you add a permit rule to the ACL to allow traffic.
MAC ACLs
MAC ACLs are Layer 2 ACLs. You can configure the rules to inspect fields of a frame such as the source or
destination MAC address, the VLAN ID, or the class of service. When a frame enters the WAP device port,
ACL, page 65
Client QoS, page 73
Guest Access, page 80
C H A P T E R
Cisco WAP125 Wireless-AC/N Dual Band Desktop Access Point with PoE
6
65