496 Configuring and managing security ACLs
NN47250-500 (Version 03.01)

Clearing security ACLs

The clear security acl command removes the ACL from the edit buffer only. To clear a security ACL, enter a specific
ACL name, or enter all to delete all security ACLs. To remove the security ACL from the running configuration and
nonvolatile storage, you must also use the commit security acl command.
For example, the following command deletes acl-99 from the edit buffer:
WSS# clear security acl acl-99
To clear acl-99 from the configuration, type the following command:
WSS# commit security acl acl-99
success: change accepted

Mapping security ACLs

An ACL does not take effect until you commit it and map it to a user or an interface.
User-based security ACLs are mapped to an IEEE 802.1X authenticated session during the AAA process. You can
specify that one of the authorization attributes returned during authentication is a named security ACL. The WSS maps
the named ACL automatically to the user’s authenticated session.
Security ACLs can also be mapped statically to ports, VLANs, virtual ports, or Distributed APs. User-based ACLs are
processed before these ACLs, because they are more specific and closer to the network edge.