Table of Contents
Advertisement
Assigning ACLs to Ports
Assigning
Numbered IPv4
ACLs to a Port
Before you can assign an ACL to a port, you must first create an ACL. The
command that you use to assign an ACL to a port depends on which type
of ACL you have created. See the following sections:
"Assigning Numbered IPv4 ACLs to a Port" on page 1539
"Assigning MAC Address ACLs to a Port" on page 1540
"Assigning Named IPv4 ACLs" on page 1541
"Assigning Named IPv6 ACLs" on page 1542
Note
In situations where ports have both permit and deny ACLs, you must
assign the permit ACLs to a port first because ingress packets are
compared against the ACLs in the order in which they are added to
the ports. If you add the deny ACLs first, the ports may block
packets you want them to forward.
Note
The Numbered IPv4 ACLs and the MAC Address Lists ACLs do not
allow you to set a time range. Ports immediately begin to filter traffic
as soon as you assign an ACL. However, you can set time ranges
for the Named IPv4 and Named IPv6 ACLs. See "Setting ACL Time
Ranges" on page 1549.
To assign a Numbered IPv4 ACL to a port on the switch, use the
ACCESS-GROUP command in the Port Interface mode. Using this
command, you can add one Numbered IPv4 ACL to a port or several
ports. The ACL must exist on the switch. Here is the format of the
command:
id_number
access-group
For more information about this command, see "ACCESS-GROUP" on
page 1562.
AT-8100 Switch Command Line User's Guide
1539
Hide quick links:
Advertisement
Table of Contents
