IP ACLs
IP ACLs classify traffic at Layers 3 and 4.
Each ACL is a set of up to ten rules applied to inbound traffic. Each rule specifies whether the contents
of a given field should be used to permit or deny access to the network, and may apply to one or more of
the following fields within a packet:
• Destination IP with wildcard mask
• Destination L4 Port
• Every Packet
• IP DSCP
• IP Precedence
• IP TOS
• Protocol
• Source IP with wildcard mask
• Source L4 port
• Destination Layer 4 port
ACL Configuration Process
To configure ACLs, follow these steps:
1 Create an ACL.
  • Create a MAC ACL by specifying a name.
  • Create an IP ACL by specifying a number.
2 Add new rules to the ACL.
3 Configure the match criteria for the rules.
4 Apply the ACL to one or more interfaces.
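
The steps above (create a numbered IP ACL, add rules, set match criteria), modeled in Python to show how a wildcard mask and the ten-rule limit behave when inbound packets are evaluated. This is an added example, not code from this manual or the device: the names Rule, IpAcl and wildcard_match are hypothetical, the addresses are constructed, and it assumes that the first matching rule decides and that a packet matching no rule is denied.

```python
import ipaddress
from dataclasses import dataclass, field
from typing import Optional, Tuple

MAX_RULES = 10  # the page: each ACL is a set of up to ten rules

def wildcard_match(addr: str, base: str, wildcard: str) -> bool:
    # Wildcard mask: 0 bits must match, 1 bits are ignored (inverse of a netmask).
    a, b, w = (int(ipaddress.IPv4Address(x)) for x in (addr, base, wildcard))
    care = ~w & 0xFFFFFFFF
    return (a & care) == (b & care)

@dataclass
class Rule:
    action: str                             # "permit" or "deny"
    every: bool = False                     # the "Every Packet" criterion
    protocol: Optional[str] = None
    src: Optional[Tuple[str, str]] = None   # (address, wildcard mask)
    dst: Optional[Tuple[str, str]] = None
    dst_port: Optional[int] = None

    def matches(self, pkt: dict) -> bool:
        return self.every or (
            (self.protocol is None or pkt["protocol"] == self.protocol)
            and (self.src is None or wildcard_match(pkt["src"], *self.src))
            and (self.dst is None or wildcard_match(pkt["dst"], *self.dst))
            and (self.dst_port is None or pkt.get("dst_port") == self.dst_port))

@dataclass
class IpAcl:
    number: int                             # IP ACLs are created by number
    rules: list = field(default_factory=list)

    def add_rule(self, rule: Rule) -> None:
        if len(self.rules) >= MAX_RULES:
            raise ValueError("ACL already holds ten rules")
        self.rules.append(rule)

    def evaluate(self, pkt: dict) -> str:
        # Assumption: first matching rule decides; no match falls through to deny.
        for rule in self.rules:
            if rule.matches(pkt):
                return rule.action
        return "deny"

# Constructed sample: allow HTTPS from 10.1.0.0/16 to one server, deny the rest.
acl = IpAcl(number=1)
acl.add_rule(Rule("permit", protocol="tcp", src=("10.1.0.0", "0.0.255.255"),
                  dst=("192.0.2.10", "0.0.0.0"), dst_port=443))
acl.add_rule(Rule("deny", every=True))
```

Writing the source wildcard as a netmask (255.255.0.0 instead of 0.0.255.255) inverts which bits are compared, so the rule would match on the host bits and ignore the network bits.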