1-3
z
Referenced by routing policies
z
Used to control Telnet, SNMP and Web login users
z
When an ACL is directly applied to hardware for packet filtering, the switch will permit packets if the
packets do not match the ACL.
z
When an ACL is referenced by upper-layer software to control Telnet, SNMP and Web login users,
the switch will deny packets if the packets do not match the ACL.
Types of ACLs Supported by Switch 4500 Series
The following types of ACLs are supported by Switch 4500 series:
z
Basic ACL
z
Advanced ACL
z
Layer 2 ACL
z
User-defined ACL
In addition, ACLs defined on Switch 4500 series can be applied to hardware directly or referenced by
upper-layer software for packet filtering.
ACL Configuration Task List
Complete the following tasks to configure ACL:
Task
Remarks
Configuring Time Range
Optional
Configuring Basic ACL
Required
Configuring Advanced ACL
Required
Configuring Layer 2 ACL
Required
Configuring User-defined ACL
Required
Applying ACL Rules on Ports
Required
Applying ACL rules to Ports in a VLAN
Required
Configuring Time Range
Time ranges can be used to filter packets. You can specify a time range for each rule in an ACL. A time
range-based ACL takes effect only in specified time ranges. Only after a time range is configured and
the system time is within the time range, can an ACL rule take effect.
Two types of time ranges are available:
z
Periodic time range, which recurs periodically on the day or days of the week.
z
Absolute time range, which takes effect only in a period of time and does not recur.