Cisco Systems 312 Switch User Manual


Cisco Catalyst Switch Module 3110 and 3012 for IBM BladeCenter Software Configuration Guide
OL-12189-01
Chapter 34 Configuring Network Security with ACLs
Configuring IPv4 ACLs
The software supports these types of ACLs or access lists for IPv4:
- Standard IP access lists use source addresses for matching operations.
- Extended IP access lists use source and destination addresses for matching operations and optional protocol-type information for finer granularity of control.
These sections describe access lists and how to create them:
- Access List Numbers, page 34-8
- ACL Logging, page 34-9
- Creating a Numbered Standard ACL, page 34-10
- Creating a Numbered Extended ACL, page 34-11
- Resequencing ACEs in an ACL, page 34-15
- Creating Named Standard and Extended ACLs, page 34-15
- Using Time Ranges with ACLs, page 34-17
- Including Comments in ACLs, page 34-19
Access List Numbers
The number you use to denote your ACL shows the type of access list that you are creating. Table 34-1
lists the access-list number and corresponding access list type and shows whether or not they are
supported in the switch. The switch supports IPv4 standard and extended access lists, numbers 1 to 199
and 1300 to 2699.
Table 34-1 Access List Numbers
Access List Number   Type                                          Supported
1–99                 IP standard access list                       Yes
100–199              IP extended access list                       Yes
200–299              Protocol type-code access list                No
300–399              DECnet access list                            No
400–499              XNS standard access list                      No
500–599              XNS extended access list                      No
600–699              AppleTalk access list                         No
700–799              48-bit MAC address access list                No
800–899              IPX standard access list                      No
900–999              IPX extended access list                      No
1000–1099            IPX SAP access list                           No
1100–1199            Extended 48-bit MAC address access list       No
1200–1299            IPX summary address access list               No
1300–1999            IP standard access list (expanded range)      Yes
2000–2699            IP extended access list (expanded range)      Yes
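
Added example (not part of the Cisco guide): a small pre-deployment check that reads numbered access-list lines from a configuration, classifies each number against Table 34-1, and flags lists the switch does not support as well as entries whose shape does not match the list type (a standard list matches on source only; an extended list names a protocol first). The function names, the constructed sample configuration, and the source-token heuristic are assumptions of this example.

```python
import re

# Table 34-1 as (low, high, type, supported on this switch)
RANGES = [
    (1, 99, "IP standard", True), (100, 199, "IP extended", True),
    (200, 299, "Protocol type-code", False), (300, 399, "DECnet", False),
    (400, 499, "XNS standard", False), (500, 599, "XNS extended", False),
    (600, 699, "AppleTalk", False), (700, 799, "48-bit MAC address", False),
    (800, 899, "IPX standard", False), (900, 999, "IPX extended", False),
    (1000, 1099, "IPX SAP", False), (1100, 1199, "Extended 48-bit MAC address", False),
    (1200, 1299, "IPX summary address", False),
    (1300, 1999, "IP standard", True), (2000, 2699, "IP extended", True),
]
ACE = re.compile(r"^\s*access-list\s+(\d+)\s+(permit|deny)\s+(\S+)", re.I)
# Heuristic (assumption): a token that starts a source match is an IPv4 address, any, or host
SOURCE = re.compile(r"any|host|\d{1,3}(\.\d{1,3}){3}", re.I)

def classify(number):
    """Map an access-list number to (type, supported) per Table 34-1."""
    for low, high, kind, supported in RANGES:
        if low <= number <= high:
            return kind, supported
    return None, False

def audit(config_text):
    """Return (line_no, message) findings for numbered permit/deny entries."""
    findings = []
    for line_no, line in enumerate(config_text.splitlines(), 1):
        m = ACE.match(line)
        if not m:
            continue  # remarks and non-ACL lines are ignored
        number, is_source = int(m.group(1)), bool(SOURCE.fullmatch(m.group(3)))
        kind, supported = classify(number)
        if kind is None:
            findings.append((line_no, f"ACL {number}: number not in Table 34-1"))
        elif not supported:
            findings.append((line_no, f"ACL {number}: {kind} list not supported"))
        elif kind == "IP standard" and not is_source:
            findings.append((line_no, f"ACL {number}: standard list must start with a source"))
        elif kind == "IP extended" and is_source:
            findings.append((line_no, f"ACL {number}: extended list is missing a protocol"))
    return findings

# Constructed sample configuration (documentation address ranges)
SAMPLE = """\
access-list 10 permit 192.0.2.0 0.0.0.255
access-list 110 permit tcp 192.0.2.0 0.0.0.255 host 198.51.100.10 eq 443
access-list 750 permit 0000.5e00.5301
access-list 20 deny ip any any
access-list 2100 deny 203.0.113.7
"""
```

Calling audit(SAMPLE) reports lines 3, 4 and 5: an unsupported MAC-address list number, a protocol keyword in a standard-range list, and an extended-range entry with no protocol.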