Table of Contents
Advertisement
Adding or Removing an ACL Assignment
On an Interface
Filtering Routed IPv4 Traffic
For a given VLAN interface on a switch configured for routing, you can assign
an ACL as an RACL to filter inbound IPv4 traffic and another ACL as a RACL
to filter outbound IPv4 traffic. You can also assign one ACL for both inbound
and outbound RACLs, and for assignment to multiple VLANs. For limits and
operating rules, refer to "IPv4 ACL Configuration and Operating Rules" on
page 10-32.
Syntax: [no] vlan < vid > ip access-group < identifier > < in | out >
where: < identifier > = either a ACL name or an ACL ID number.
Assigns an ACL to a VLAN as an RACL to filter routed IPv4
traffic entering or leaving the switch on that VLAN. You can
use either the global configuration level or the VLAN context
level to assign or remove an RACL.
Note: The switch allows you to assign a nonexistent ACL
name or number to a VLAN. In this case, if you subsequently
configure an ACL with that name or number, it
automatically becomes active on the assigned VLAN. Also,
if you delete an assigned ACL from the switch without
subsequently using the "no" form of this command to
remove the assignment to a VLAN, the ACL assignment
remains and will automatically activate any new ACL you
create with the same identifier (name or number).
IPv4 Access Control Lists (ACLs)
Adding or Removing an ACL Assignment On an Interface
10-81
Hide quick links:
Advertisement
Table of Contents
