Access Control Lists (ACLs) for the Series 3400cl and Series 6400cl Switches
Planning an ACL Application on a Series 3400cl or Series 6400cl Switch
■ ACLs Operate On Ports and Static Trunk Interfaces: You can
assign an ACL to any port and/or any statically configured trunk on
the switch. ACLs do not operate with dynamic (LACP) trunks.
■ ACLs Screen Only the Traffic Entering the Switch on a Port or
Static Trunk Interface: On a given interface, ACLs can screen
inbound traffic at the point where it enters the switch. In the
3400cl/6400cl switches, ACLs do not screen traffic routed between
VLANs within the switch, between subnets in a multinetted VLAN, or
at the interface where the traffic exits from the switch. (See
figure 10-2 on page 10-10.)
■ Before Modifying an Applied ACL, You Must First Remove It
from All Assigned Interfaces: An ACL cannot be changed while it
is assigned to an interface.
■ Before Deleting an Applied ACL, You Must First Remove It
from All Interfaces to Which It Is Assigned: An assigned ACL
cannot be deleted.
■ Port and Static Trunk Interfaces:
• Removing a port from an ACL-assigned trunk returns the port to its
default settings.
• To add a port to a trunk when an ACL is already assigned to the port,
you must first remove the ACL assignment from the port.
• Adding a new port to an ACL-assigned trunk automatically applies the
ACL to the new port.
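
The rules above can be checked against a planned change before it is made on the switch. The following is an added example, not code from this manual or from the vendor: a small Python model whose class and method names are hypothetical, and which assumes that a port's default settings carry no ACL.

```python
class AclPlanError(Exception):
    """A planned change breaks one of the rules listed in the section above."""


class SwitchPlan:
    """Toy model of ACL assignments on ports and trunks (constructed, not switch CLI)."""

    def __init__(self):
        self.trunks = {}    # trunk name -> {"dynamic": bool, "ports": set of port names}
        self.assigned = {}  # interface (port or trunk) -> ACL name

    def add_trunk(self, name, dynamic=False):
        self.trunks[name] = {"dynamic": dynamic, "ports": set()}

    def assign(self, acl, iface):
        if self.trunks.get(iface, {}).get("dynamic"):
            raise AclPlanError(f"{iface}: ACLs do not operate with dynamic (LACP) trunks")
        self.assigned[iface] = acl

    def unassign(self, iface):
        self.assigned.pop(iface, None)

    def interfaces_using(self, acl):
        return sorted(i for i, a in self.assigned.items() if a == acl)

    def check_editable(self, acl):
        """Modify and delete are both refused while the ACL is assigned anywhere."""
        used = self.interfaces_using(acl)
        if used:
            raise AclPlanError(f"remove {acl} from {', '.join(used)} first")

    def add_port_to_trunk(self, port, trunk):
        if port in self.assigned:
            raise AclPlanError(f"{port}: remove ACL {self.assigned[port]} before trunking")
        self.trunks[trunk]["ports"].add(port)  # port now inherits the trunk's ACL

    def remove_port_from_trunk(self, port, trunk):
        self.trunks[trunk]["ports"].discard(port)  # back to defaults: assumed no ACL

    def effective_acl(self, port):
        for name, t in self.trunks.items():
            if port in t["ports"]:
                return self.assigned.get(name)
        return self.assigned.get(port)

    def unfiltered(self, ports):
        """Ports whose inbound traffic no ACL screens after the planned changes."""
        return [p for p in ports if self.effective_acl(p) is None]
```

Calling `unfiltered()` on the full port list after modelling a trunk change shows which ports were left without inbound screening, for example a port removed from an ACL-assigned trunk.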