EX2500 Ethernet Switch Configuration Guide
ACL Example 4—Blocking All Except Certain Packets
Use this configuration to block all traffic except traffic of certain types. HTTP/HTTPS, DHCP, and ARP packets are permitted on the port. All other traffic is denied.
1.Configure one IP ACL for each type of traffic that you want to permit.
ex2500(config)#
ex2500(config)#
ex2500(config)#
2.Configure IP ACLs to deny all other traffic.
The ACLs that allow traffic must have a higher priority than the ACLs that deny all traffic.
ex2500(config)#
3.Configure one MAC ACL for each type of traffic that you want to permit (ARP).
ex2500(config)#
4.Assign the ACLs to a port.
ex2500(config)# interface port 7
58 Using ACL Filters