IP ACL Types and Applications; Application Order; Rules - Cisco Nexus 3600 NX-OS Security Configuration Manual

IP ACL Types and Applications

The Cisco Nexus device supports IPv4, IPv6, and MAC ACLs for security traffic filtering. The switch allows
you to use IP access control lists (ACLs) as port ACLs and router ACLs, as shown in the following table.

Table 10: Security ACL Applications

| Application | Supported Interfaces | Types of ACLs Supported |
| Port ACL | An ACL is considered a port ACL when you apply it to one of the following: Ethernet interface; Ethernet port-channel interface | IPv4 ACLs; IPv6 ACLs; MAC ACLs |
| Router ACL | Physical Layer 3 interfaces; Layer 3 Ethernet subinterfaces; Layer 3 Ethernet port-channel interfaces; Layer 3 Ethernet port-channel subinterfaces; Management interfaces; Switched Virtual Interfaces (SVIs) | IPv4 ACLs; IPv6 ACLs |
| VTY ACL | VTYs | IPv4 ACLs; IPv6 ACLs |

Application Order

When the device processes a packet, it determines the forwarding path of the packet. The path determines
which ACLs the device applies to the traffic. The device applies the ACLs in the following order:
1. Port ACL
2. Ingress Router ACL

Rules

You can create rules in access-list configuration mode by using the permit or deny command. The switch
allows traffic that matches the criteria in a permit rule and blocks traffic that matches the criteria in a deny
rule. You have many options for configuring the criteria that traffic must meet in order to match the rule.

Cisco Nexus 3600 NX-OS Security Configuration Guide, Release 7.x
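
The following NX-OS configuration is an added example, not taken from the Cisco guide. It builds two IPv4 ACLs from permit and deny rules and applies one as a port ACL and the other as an ingress router ACL, so traffic arriving on the Layer 2 port is checked in the order given under Application Order. The ACL names, interface and VLAN numbers, and documentation-range addresses are assumptions chosen for illustration.

```cisco
! Constructed example: ACL names, Ethernet 1/1, VLAN 10 and all
! addresses (RFC 5737 documentation ranges) are placeholders.
feature interface-vlan

! ACL to be used as a port ACL: admit only the user subnet on the
! Layer 2 port and block everything else.
ip access-list PACL-USERS
  10 permit ip 192.0.2.0/24 any
  20 deny ip any any

! ACL to be used as a router ACL: of the traffic routed through the
! SVI, allow only SSH from the user subnet to a single server.
ip access-list RACL-VLAN10
  10 permit tcp 192.0.2.0/24 198.51.100.10/32 eq 22
  20 deny ip any any

! Applied to an Ethernet (Layer 2) interface, the ACL acts as a port ACL.
! This is the first ACL evaluated for packets entering the port.
interface ethernet 1/1
  switchport
  switchport access vlan 10
  ip port access-group PACL-USERS in

! Applied to an SVI, the ACL acts as an ingress router ACL. It is
! evaluated second, only for packets the port ACL has permitted.
interface vlan 10
  ip address 192.0.2.1/24
  ip access-group RACL-VLAN10 in
  no shutdown
```

With this configuration, a packet from 203.0.113.5 is blocked by rule 20 of the port ACL, while an HTTP packet from 192.0.2.20 passes the port ACL and is then blocked by rule 20 of the router ACL. `show ip access-lists PACL-USERS` displays the configured rules.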
