Attaching an ACL individually to VLAN interfaces is similar to the behavior of ACL-
VLAN mapping storage in CAM prior to the implementation of the ACL VLAN group
functionality.
ip access-groupApply an egress IP ACL to the ACL VLAN group.
Syntax ip access-group {group name} out implicit-permit
Parameters group-name Enter the name of the ACL VLAN group where you want the
egress IP ACLs applied, up to 140 characters.
out Enter the keyword out to apply the ACL to outgoing traffic.
implicit-permit Enter the keyword implicit-permit to change the default
action of the ACL from implicit-deny to implicit-permit (that
is, if the traffic does not match the filters in the ACL, the
traffic is permitted instead of dropped).
Default None
Command
Modes
CONFIGURATION (conf-acl-vl-grp)
Command
History Version 9.3.
(0.0)
Introduced on the S4810, S4820T, and Z9000 platforms.
Usage
Information
You can apply only an egress IP ACL on an ACL VLAN group.
show acl-vlan-group Display all the ACL VLAN groups or display a specific ACL VLAN group, identified by name.
Syntax show acl-vlan-group {group-name | detail}
Parameters group-name (Optional) Display only the ACL VLAN group that is specified,
up to 140 characters.
detail Display information in a line-by-line format to display the
names in their entirety.
374 Access Control List (ACL) VLAN Groups and Content Addressable Memory (CAM)