Configuring Device Information 267
Configuring MAC Based ACLs with CLI Commands
The following table summarizes the equivalent CLI commands for configuring MAC Based ACLs.
Defining ACL Binding
When an ACL is bound to an interface, all the ACE rules that have been defined are applied to the
selected interface. Whenever an ACL is assigned on a port or LAG, flows from that ingress interface that
do not match the ACL are matched to the default rule, which is Drop unmatched packets.
To bind ACLs to interfaces:
1 Open the Network Security - ACL Bindings page, click Switch → Network Security → ACL Bindings.
Figure 7-14. Network Security - ACL Binding
2 In the Select an ACL field, select an IP Based or MAC Based ACL.
Table 7-6. MAC Based ACL CLI Commands

CLI Command:
  mac access-list access-list-name
  no mac access-list access-list-name
Description:
  To define a Layer 2 access list and to place the device in MAC access list configuration mode, use the mac access-list command in global configuration mode. To remove the access list, use the no form of this command.

CLI Command:
  permit {any|{source source-wildcard}} {any|{destination destination-wildcard}} [vlan vlan-id] [cos cos cos-wildcard] [ethtype eth-type] [inner-vlan vlan-id]
Description:
  To set permit conditions for a MAC access list, use the permit command in MAC access list configuration mode.

CLI Command:
  deny [disable-port] {any|{source source-wildcard}} {any|{destination destination-wildcard}} [vlan vlan-id] [cos cos cos-wildcard] [ethtype eth-type] [inner-vlan vlan-id]
Description:
  To set deny conditions for a MAC access list, use the deny command in MAC access list configuration mode.
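
The default rule described under Defining ACL Binding means that a bound ACL drops every flow it does not explicitly permit. The following Python model is an added illustration, not code or output from the device: it evaluates constructed frames against permit and deny ACEs shaped like the commands in Table 7-6. It assumes ACEs are checked in order with the first match winning, and that a wildcard bit of 1 means "ignore this address bit"; neither is stated on this page.

```python
# Added illustration: minimal model of a bound MAC Based ACL on an ingress port.
# Assumptions (not from the page): first matching ACE wins; wildcard bit 1 = ignore.
from dataclasses import dataclass
from typing import Optional, Tuple

MacRule = Optional[Tuple[int, int]]  # (address, wildcard); None models "any"


def mac(text: str) -> int:
    """Convert aa:bb:cc:dd:ee:ff to a 48-bit integer."""
    return int(text.replace(":", ""), 16)


@dataclass
class Ace:
    action: str                  # "permit", "deny" or "deny disable-port"
    source: MacRule = None
    destination: MacRule = None
    vlan: Optional[int] = None   # None = field not specified in the ACE
    ethtype: Optional[int] = None

    def matches(self, frame: dict) -> bool:
        for key, rule in (("src", self.source), ("dst", self.destination)):
            if rule is not None:
                addr, wildcard = rule
                care = ~wildcard & 0xFFFFFFFFFFFF  # bits that must be equal
                if (frame[key] & care) != (addr & care):
                    return False
        if self.vlan is not None and frame["vlan"] != self.vlan:
            return False
        if self.ethtype is not None and frame["ethtype"] != self.ethtype:
            return False
        return True


def evaluate(acl: list, frame: dict) -> str:
    for ace in acl:
        if ace.matches(frame):
            return ace.action
    return "drop (default rule)"  # unmatched flows hit Drop unmatched packets


# Constructed sample ACL: block one station, permit IPv4 from one OUI on VLAN 10.
ACL = [
    Ace("deny disable-port", source=(mac("00:11:22:33:44:55"), 0)),
    Ace("permit", source=(mac("00:11:22:00:00:00"), mac("00:00:00:ff:ff:ff")),
        vlan=10, ethtype=0x0800),
]
```

In this model an ARP frame (ethtype 0x0806) from a permitted station still falls through to the default rule, which is the usual cause of lost connectivity right after an ACL is bound.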