Bind Access Control List (ACL) to an Interface on 200/300 Series Managed Switches

Available Languages

Download Options

PDF (120.4 KB)
View with Adobe Reader on a variety of devices
ePub (180.3 KB)
View in various apps on iPhone, iPad, Android, Sony Reader, or Windows Phone
Mobi (Kindle) (164.4 KB)
View on Kindle device or Kindle app on multiple devices

Updated:December 10, 2018

Document ID:SMB1440

Bias-Free Language

The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.

Bind Access Control List (ACL) to an Interface on 200/300 Series Managed Switches

Objective

An Access Control List (ACL) is a list of network traffic filters and correlated actions used to improve security. ACLs can be defined in one of three ways: by MAC address, by IPv4 address, or by IPv6 address. When an ACL is bound to an interface, packets that arrive at that interface are matched against the ACL and either permitted or dropped. However, only one ACL can be bound per interface.

This document explains how to bind ACLs to an interface on the 200 and 300 Series Managed Switches.

Applicable Devices

• SF/SG 200 and SF/SG300 Series Managed Switches

Software Version

• 1.3.0.62

Bind Access Control List to an Interface

Step 1. Log in to the web configuration utility and choose Access Control > ACL Binding. The ACL Binding page opens:

Step 2. Chose an interface from the Interface Type drop-down list and then click Go.

• Port — A single physical port on the switch.

• LAG — A group of ports used to increase link reliability.

Step 3. Check the check box of the desired port/LAG and click Edit.

The Edit ACL Binding window appears.

Step 4. Check the check box of the ACL type you would like to bind to the chosen interface and choose the ACL from the drop-down list.

• MAC-Based ACL — Filters traffic based on the Layer 2 fields of the frame header.

• IPv4-Based ACL — Filters traffic based on IPv4 packets.

• IPv6-Based ACL — Filters traffic based on IPv6 packets.

Note: The check box for any of the ACL options will only be highlighted if there is an available ACL in that format.

Step 5. Check the appropriate radio button in the Permit Any field to define what to do with packets that do not match the chosen ACL.

• Disable (Deny Any) — Packets are dropped (denied) if they do not match an ACL.

• Enable — Packets are forwarded even if they do not match an ACL.

Step 6. Click Apply to bind the chosen ACL to the interface. The Edit ACL Binding window closes.
Step 7. (Optional) Check the check box of the desired interface and click Clear to unbind the interface from the ACL.

Step 8. (Optional) Check the check box of the desired interface and click Copy Settings to copy the settings of the interface to other interfaces. The Copy Settings window appears:

Step 9. Enter the port number(s) or port name(s) of the port(s) to which you would like to to copy the settings of the chosen port.

Step 10. Click Apply to apply the settings or click Close to cancel the settings.

Revision History

Revision	Publish Date	Comments
1.0	10-Dec-2018	Initial Release

Was this Document Helpful?

Feedback

Contact Cisco

Open a Support Case
(Requires a Cisco Service Contract)