CCIE Practical Studies: Security (CCIE Self-Study)

Port ACLs

The 3550 switch also supports an ACL that you can associate with a Layer 2 interface on your switch. These ACLs, referred to as port ACLs, are only supported on a physical interface and not on EtherChannel interfaces. You can apply port ACLs only on an interface in the inbound direction. You can define the following types of ACLs on a Layer 2 interface:

Standard IP ACLs
Extended IP ACLs
MAC extended ACLs

If you apply a port ACL to a trunk port, the ACL filters traffic on every VLAN that is present on that trunk port. If you apply a port ACL to a port with voice VLAN, the ACL filters traffic on both data and voice VLANs.

NOTE

When you configure a port ACL, you can filter IP traffic by using IP ACLs and non-IP traffic on the same Layer ...

Get CCIE Practical Studies: Security (CCIE Self-Study) now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

CCIE Practical Studies: Security (CCIE Self-Study) by Dmitry Bokotey, Andrew G. Mason, Raymond Morrow

Port ACLs

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly