Access Control Lists (ACLs) for the Series 3400cl and Series 6400cl Switches
Configuring and Assigning an ACL
Configuring and Assigning a Numbered, Extended ACL
This section describes how to configure numbered, extended ACLs. To configure
other ACL types, refer to the following table.
To Configure:              Refer To:
Standard, numbered ACLs    “Configuring and Assigning a Numbered, Standard ACL” on page 10-43
Named ACLs                 “Configuring a Named ACL” on page 10-54
While standard ACLs use only source IP addresses for filtering criteria,
extended ACLs allow multiple ACE criteria. This enables you to more closely
define your IP packet-filtering criteria. These criteria include:
■ Source and destination IP addresses (required), in one of the following options:
• Specific host IP
• Subnet or group of IP addresses
• Any IP address
■ IP protocol (IP, TCP, or UDP)
■ Source TCP or UDP port (if the IP protocol is TCP or UDP)
■ Destination TCP or UDP port (if the IP protocol is TCP or UDP)
■ TCP or UDP eq operator (if the IP protocol is TCP or UDP)
You can configure extended ACLs with a numeric name in the range of 100 - 199.
You can also configure extended ACLs with alphanumeric names. (Refer to
“Configuring a Named ACL” on page 10-54.)
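The criteria listed above can be modeled as a matcher to check, offline, which packets a planned ACE would select. This is an added example, not switch CLI syntax or code from the manual. The names `Packet`, `Ace`, `addr_matches` and `ace_matches` are hypothetical, CIDR notation for subnets is an assumption of the model, and the `ip` protocol is assumed to match any IP packet.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

EXTENDED_IDS = range(100, 200)  # numeric names 100 - 199 (from the text above)

@dataclass(frozen=True)
class Packet:  # hypothetical model of the header fields an extended ACE inspects
    proto: str                    # "tcp", "udp", or another IP protocol name
    src: str
    dst: str
    sport: Optional[int] = None
    dport: Optional[int] = None

@dataclass(frozen=True)
class Ace:  # hypothetical model of one ACE; not switch CLI syntax
    action: str                   # "permit" or "deny"
    proto: str                    # "ip", "tcp" or "udp"
    src: str                      # required: "any", host IP, or subnet
    dst: str                      # required: "any", host IP, or subnet
    sport_eq: Optional[int] = None
    dport_eq: Optional[int] = None

    def __post_init__(self):
        if self.proto not in ("ip", "tcp", "udp"):
            raise ValueError("IP protocol must be ip, tcp or udp")
        has_port = self.sport_eq is not None or self.dport_eq is not None
        if has_port and self.proto == "ip":
            raise ValueError("eq port criteria require tcp or udp")

def addr_matches(spec, addr):
    """spec is 'any', a specific host IP, or a subnet in CIDR form (assumed notation)."""
    if spec == "any":
        return True
    return ipaddress.ip_address(addr) in ipaddress.ip_network(spec, strict=False)

def ace_matches(ace, pkt):
    """True only if every criterion configured in the ACE matches the packet."""
    if ace.proto != "ip" and ace.proto != pkt.proto:
        return False
    if not (addr_matches(ace.src, pkt.src) and addr_matches(ace.dst, pkt.dst)):
        return False
    if ace.sport_eq is not None and pkt.sport != ace.sport_eq:
        return False
    return ace.dport_eq is None or pkt.dport == ace.dport_eq

# Constructed sample: Telnet (TCP port 23) from one subnet to one host.
TELNET_ACE = Ace("deny", "tcp", "10.10.10.0/24", "10.10.20.5", dport_eq=23)
```

Running planned ACEs against a handful of constructed packets before assigning the ACL shows whether an entry is broader or narrower than intended.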
Note: For a summary of ACL commands, refer to table 10-1, “Comprehensive Command
Summary”, on page 10-5.