500 Configuring and managing security ACLs
NN47250-500 (Version 03.01)
ACL acljoe is mapped to:
Port 4 In
WSS# clear security acl map acljoe port 4 in
success: change accepted.
After you clear the mapping between port 4 and ACL acljoe, the following is displayed when you enter show security
acl map:
WSS# show security acl map acljoe
ACL acljoe is mapped to:
Clearing a security ACL mapping does not stop the current filtering function if the ACL has other mappings. If the
security ACL is mapped to another port, a VLAN, a virtual port, or a Distributed AP, you must enter a clear security acl
map command to clear each map.
To stop the packet filtering of a user-based security ACL, you must modify the user’s configuration in the local database
on the WSS or on the RADIUS servers where packet filters are authorized. For information about deleting a security
ACL from a user’s configuration in the local WSS database, see “Clearing a security ACL from a user or group” on
page 603. To delete a security ACL from a user’s configuration on a RADIUS server, see the documentation for your
RADIUS server.
If you no longer need the security ACL, delete it from the configuration with the clear security acl and commit security
acl commands. (See “Clearing security ACLs” on page 496.)

Modifying a security ACL

You can modify a security ACL in the following ways:
Add another ACE to a security ACL, at the end of the ACE list. (See Adding another ACE to a security ACL” on
page 501.)
Place an ACE before another ACE, so it is processed before subsequent ACEs, using the before editbuffer-index
portion of the set security acl commands. (See “Placing one ACE before another” on page 502.)
Modify an existing ACE using the modify editbuffer-index portion of the set security acl commands. (See
“Modifying an existing security ACL” on page 503.)
•Use the rollback command set to clear changes made to the security ACL edit buffer since the last time it was
saved. The ACL is rolled back to its state at the last commit command. (See “Clearing security ACLs from the edit
buffer” on page 504.)
•Use the clear security acl map command to stop the filtering action of an ACL on a port, VLAN, or virtual port.
(See “Clearing a security ACL map” on page 499.)
•Use clear security acl plus commit security acl to completely delete the ACL from the WSS switch’s
configuration. (See “Clearing security ACLs” on page 496.)