EasyManuals Logo
Home>Cisco>Switch>Catalyst 250 Series

Cisco Catalyst 250 Series User Manual

Cisco Catalyst 250 Series
498 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #178 background imageLoading...
Page #178 background image
For inbound ACLs, after receiving a packet, the switch checks the packet against the ACL. If the ACL permits
the packet, the switch continues to process the packet. If the ACL rejects the packet, the switch discards the
packet.
For outbound ACLs, after receiving and routing a packet to a controlled interface, the switch checks the packet
against the ACL. If the ACL permits the packet, the switch sends the packet. If the ACL rejects the packet,
the switch discards the packet.
By default, the input interface sends ICMP Unreachable messages whenever a packet is discarded, regardless
of whether the packet was discarded because of an ACL on the input interface or because of an ACL on the
output interface. ICMP Unreachables are normally limited to no more than one every one-half second per
input interface, but this can be changed by using the ip icmp rate-limit unreachable global configuration
command.
When you apply an undefined ACL to an interface, the switch acts as if the ACL has not been applied to the
interface and permits all packets. Remember this behavior if you use undefined ACLs for network security.
Related Topics
Applying an IPv4 ACL to an Interface, on page 167
Restrictions for Configuring IPv4 Access Control Lists, on page 140
How to Configure ACLs
Configuring IPv4 ACLs
These are the steps to use IP ACLs on the switch:
SUMMARY STEPS
1.
Create an ACL by specifying an access list number or name and the access conditions.
2.
Apply the ACL to interfaces or terminal lines. You can also apply standard and extended IP ACLs to
VLAN maps.
DETAILED STEPS
PurposeCommand or Action
Create an ACL by specifying an access list number or name and the access conditions.
Step 1
Apply the ACL to interfaces or terminal lines. You can also apply standard and extended
IP ACLs to VLAN maps.
Step 2
Creating a Numbered Standard ACL
Follow these steps to create a numbered standard ACL:
Catalyst 2960-X Switch Security Configuration Guide, Cisco IOS Release 15.0(2)EX
154 OL-29048-01
Configuring IPv4 ACLs
How to Configure ACLs

Table of Contents

Other manuals for Cisco Catalyst 250 Series

Preview: Hardware Installation Guide
Hardware Installation Guide102 pages
Preview: Configuration Guide
Configuration Guide118 pages
Preview: Getting Started Guide
Getting Started Guide26 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco Catalyst 250 Series and is the answer not in the manual?

Cisco Catalyst 250 Series Specifications

General IconGeneral
BrandCisco
ModelCatalyst 250 Series
CategorySwitch
LanguageEnglish

Related product manuals