Chapter 7. Access Control Lists
© Copyright Lenovo 2017
Access Control Lists (ACLs) are filters that permit or deny traffic for security
purposes. They can also be used with QoS to classify and segment traffic in order
to provide different levels of service to different traffic types. Each filter defines the
conditions that must match for inclusion in the filter, and also the actions that are
performed when a match is made.
Enterprise NOS 8.4 supports the following ACLs:
IPv4 ACLs
Up to 640 ACLs are supported for networks that use IPv4 addressing. IPv4
ACLs are configured using the following CLI menu:
CN 4093(config)# access-control list <IPv4 ACL number>
IPv6 ACLs
Up to 128 ACLs are supported for networks that use IPv6 addressing. IPv6
ACLs are configured using the following CLI menu:
CN 4093(config)# access-control list6 <IPv6 ACL number>
Management ACLs
Up to 128 MACLs are supported. ACLs for the different types of management
protocols (Telnet, HTTPS, etc.) provide greater granularity for securing
management traffic.
Management ACLs are configured using the following command:
CN 4093(config)# access-control macl <MACL number>
VLAN Maps (VMaps)
Up to 128 VLAN Maps are supported for attaching filters to VLANs rather than
ports. See "VLAN Maps" on page
CN 4093(config)# access-control vmap <vmap number>
132 for details.
121