Defining Acl Binding - Cisco 300 Series Administration Manual

24

Defining ACL Binding

NOTE
STEP 1
STEP 2
STEP 3
NOTE
STEP 4
STEP 5
487
When an ACL is bound to an interface (port, LAG or VLAN), its ACE rules are applied
to packets arriving at that interface. Packets that do not match any of the ACEs in
the ACL are matched to a default rule, whose action is to drop unmatched packets.
Although each interface can be bound to only one ACL, multiple interfaces can be
bound to the same ACL by grouping them into a policy-map, and binding that
policy-map to the interface.
After an ACL is bound to an interface, it cannot be edited, modified, or deleted until
it is removed from all the ports to which it is bound or in use.
It is possible to bind an interface (port, LAG or VLAN) to a policy or to an ACL, but
they cannot be bound to both a policy and an ACL.
To bind an ACL to a port or LAG:
Click Access Control > ACL Binding (Port).
Select an interface type Ports/LAGs (Port or LAG).
Click Go. For each type of interface selected, all interfaces of that type are
displayed with a list of their current ACLs:
• Interface—Identifier of interface.
• MAC ACL—ACLs of type MAC that are bound to the interface (if any).
• IPv4 ACL—ACLs of type IPv4 that are bound to the interface (if any).
• IPv6 ACL—ACLs of type IPv6 that are bound to the interface (if any).
To unbind all ACLs from an interface, select the interface, and click Clear.
Select an interface, and click Edit.
Select one of the following:
• Select MAC Based ACL—Select a MAC-based ACL to be bound to the
interface.
• Select IPv4 Based ACL—Select an IPv4-based ACL to be bound to the
interface.
• Select IPv6 Based ACL—Select an IPv6-based ACL to be bound to the
interface.
Cisco Small Business 200, 300 and 500 Series Managed Switch Administration Guide (Internal Version)
Access Control
Defining ACL Binding