hit counter script

Router Acls - Cisco ME 3400G-2CS - Ethernet Access Switch Software Configuration Manual

Ethernet access switch
Hide thumbs Also See for ME 3400G-2CS - Ethernet Access Switch:
Table of Contents

Advertisement

Understanding ACLs
Figure 28-1
When you apply a port ACL to a trunk port, the ACL filters traffic on all VLANs present on the trunk
port.
With port ACLs, you can filter IP traffic by using IP access lists and non-IP traffic by using MAC
addresses. You can filter both IP and non-IP traffic on the same Layer 2 interface by applying both an IP
access list and a MAC access list to the interface.
Note
You cannot apply more than one IP access list and one MAC access list to a Layer 2 interface. If an IP
access list or MAC access list is already configured on a Layer 2 interface and you apply a new IP access
list or MAC access list to the interface, the new ACL replaces the previously configured one.

Router ACLs

If the switch is running the metro IP access image, you can apply router ACLs on switch virtual
interfaces (SVIs), which are Layer 3 interfaces to VLANs; on physical Layer 3 interfaces; and on Layer
3 EtherChannel interfaces. You apply router ACLs on interfaces for specific directions (inbound or
outbound). You can apply one router ACL in each direction on an interface.
One ACL can be used with multiple features for a given interface, and one feature can use multiple
ACLs. When a single router ACL is used by multiple features, it is examined multiple times.
The switch supports these access lists for IPv4 traffic:
Cisco ME 3400 Ethernet Access Switch Software Configuration Guide
28-4
Using ACLs to Control Traffic to a Network
Human
Resources
network
= ACL denying traffic from Host B
and permitting traffic from Host A
= Packet
Standard IP access lists use source addresses for matching operations.
Extended IP access lists use source and destination addresses and optional protocol type information
for matching operations.
Chapter 28
Host A
Host B
Research &
Development
network
Configuring Network Security with ACLs
78-17058-01

Advertisement

Table of Contents
loading

Table of Contents