Loading ...
Loading ...
Loading ...
User Guide 830
Configuring ACL ACL Configuration
Switch#configure
Switch(config)#access-list action 10 rule 1
Switch(config-action)#redirect interface gigabitEthernet 1/0/4
Switch(config-action)#exit
Switch(config)#show access-list 10
MAC access list 10 name: ACL_10
rule 5 permit logging disable action redirect Gi1/0/4
Switch(config)#end
Switch#copy running-config startup-config
2.2.4 Configuring ACL Binding
You can bind the ACL to a port or a VLAN. The received packets on the port or in the VLAN
will then be matched and processed according to the ACL rules. An ACL takes effect only
after it is bound to a port or VLAN.
Note:
•
Different types of ACLs cannot be bound to the same port or VLAN.
•
Multiple ACLs of the same type can be bound to the same port or VLAN. The switch matches
the received packets using the ACLs in order. The ACL that is bound earlier has a higher
priority.
Follow the steps below to bind ACL to a port or a VLAN:
Step 1 configure
Enter global configuration mode
Step 2
access-list bind
acl-id-or-name
interface { [ vlan
vlan-list
] | [
fastEthernet
port-list
] | [
gigabitEthernet
port-list
] | [
ten-gigabitEthernet
port-list
] }
Bind the ACL to a port or a VLAN.
acl-id-or-name
: Enter the ID or name of the ACL that you want to add a rule for.
vlan-list
: Specify the ID or the ID list of the VLAN(s) that you want to bind the ACL to. The valid
values are from 1 to 4094, for example, 2-3,5.
port-list
: Specify the number or the list of the Ethernet port that you want to bind the ACL to.
Step 3 show access-list bind
View the ACL binding configuration.
Step 4 end
Return to privileged EXEC mode.
Loading ...
Loading ...
Loading ...