Configuring MAC Based ACLs with CLI Commands
The following table summarizes the equivalent CLI commands for configuring MAC Based ACLs.
Table
CLI Command | Description | |
|
| |
mac | To define a Layer 2 access list and to place the device in | |
no mac | MAC access list configuration mode, use the mac | |
| ||
| remove the access list, use the no form of this command. | |
|
| |
permit {any{source source- wildcard} {any{ | To set permit conditions for an MAC access list, | |
destination destination- wildcard}} [vlan | use the permit command in MAC access list | |
cos | configuration mode. | |
|
| |
deny | To set deny conditions for an MAC access list, use the | |
destination destination- wildcard}} [vlan | deny command in MAC access list configuration mode. | |
| ||
|
|
Defining ACL Binding
When an ACL is bound to an interface, all the ACE rules that have been defined are applied to the selected interface.Whenever an ACL is assigned on a port, LAG or, VLAN, flows from that ingress interface that do not match the ACL are matched to the default rule, which is Drop unmatched packets.
To bind ACLs to interfaces:
1Open the Network Security - ACL Bindings page, click Switch → Network Security → ACL Bindings.
Figure 7-13. Network Security - ACL Binding
2In the Select an ACL field, select an IP Based or MAC Based ACL.
286
