Access Control Lists (ACLs) for the Series 5300xl Switches
Contents
ACL Configuration Structure . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-26
Standard ACL Structure . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-27
Extended ACL Configuration Structure . . . . . . . . . . . . . . . . . . . . 9-28
ACL Configuration Factors . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-29
The Sequence of Entries in an ACL Is Significant . . . . . . . . . . . . 9-29
In Any ACL, There Will Always Be a Match . . . . . . . . . . . . . . . . . 9-31
A Configured ACL Has No Effect Until You Apply It to an Interface . . . . . . . . . . 9-31
You Can Assign an ACL Name or Number to a VLAN Even if the ACL Does Not Yet Exist in the Switch’s Configuration . . 9-31
Using the CLI To Create an ACL . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-31
Configuring and Assigning a Numbered, Standard ACL . . . . . . . . . . 9-33
Configuring and Assigning a Numbered, Extended ACL . . . . . . . . . . 9-38
Configuring a Named ACL . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-44
Enabling or Disabling ACL Filtering on a VLAN . . . . . . . . . . . . . . . . . 9-46
Deleting an ACL from the Switch . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-47
Displaying ACL Data . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-48
Display an ACL Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-48
Display the Content of All ACLs on the Switch . . . . . . . . . . . . . . . . . . 9-49
Display the ACL Assignments for a VLAN . . . . . . . . . . . . . . . . . . . . . . 9-50
Displaying the Content of a Specific ACL . . . . . . . . . . . . . . . . . . . . . . 9-51
Display All ACLs and Their Assignments in the Switch Startup-Config File and Running-Config File . . . . . . . . . . 9-53
Editing ACLs and Creating an ACL Offline . . . . . . . . . . . . . . . . . . . . . . . . . 9-53
Using the CLI To Edit ACLs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-53
Working Offline To Create or Edit an ACL . . . . . . . . . . . . . . . . . . . . . 9-56
Enable ACL “Deny” Logging . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-59
Requirements for Using ACL Logging . . . . . . . . . . . . . . . . . . . . . . . . . . 9-59
ACL Logging Operation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-60
Enabling ACL Logging on the Switch . . . . . . . . . . . . . . . . . . . . . . . . . . 9-60
Operating Notes for ACL Logging . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-62
General ACL Operating Notes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-63