Table of Contents
Advertisement
Configuring ACL
MAC access list 10 name: ACL_10
rule 5 permit logging disable action redirect Gi1/0/4
Switch(config)#end
Switch#copy running-config startup-config
2.2.4 Configuring ACL Binding
You can bind the ACL to a port or a VLAN. The received packets on the port or in the VLAN
will then be matched and processed according to the ACL rules. An ACL takes effect only
after it is bound to a port or VLAN.
Note:
Different types of ACLs cannot be bound to the same port or VLAN.
•
Multiple ACLs of the same type can be bound to the same port or VLAN. The switch matches
•
the received packets using the ACLs in order. The ACL that is bound earlier has a higher
priority.
Follow the steps below to bind ACL to a port or a VLAN:
Step 1
configure
Enter global configuration mode
Step 2
access-list bind acl-id-or-name interface { [ vlan vlan-list ] | [ fastEthernet port-list ] | [
gigabitEthernet port-list | [ ten-gigabitEthernet port-list ] }
Bind the ACL to a port or a VLAN.
acl-id-or-name
vlan-list
values are from 1 to 4094, for example, 2-3,5.
port-list
Step 3
show access-list bind
View the ACL binding configuration.
Step 4
end
Return to privileged EXEC mode.
Step 5
copy running-config startup-config
Save the settings in the configuration file.
The following example shows how to bind ACL 1 to port 3 and VLAN 4:
Switch#configure
Switch(config)#access-list bind 1 interface vlan 4 gigabitEthernet 1/0/3
SSwitch(config)#show access-list bind
: Enter the ID or name of the ACL that you want to add a rule for.
: Specify the ID or the ID list of the VLAN(s) that you want to bind the ACL to. The valid
: Specify the number or the list of the Ethernet port that you want to bind the ACL to.
ACL Configuration
Configuration Guide
603
Advertisement
Table of Contents
