114 Device Security
IP ACLs
IP ACLs classify traffic at Layers 3 and 4.
Each ACL is a set of up to ten rules applied to inbound traffic. Each rule specifies whether the contents
of a given field should be used to permit or deny access to the network, and may apply to one or more of
the following fields within a packet:
• Destination IP with wildcard mask
• Destination L4 Port
• Every Packet
• IP DSCP
• IP Precedence
• IP TOS
• Protocol
• Source IP with wildcard mask
• Source L4 port
• Destination Layer 4 port
ACL Configuration Process
To configure ACLs, follow these steps:
1. Create an ACL.
   • Create a MAC ACL by specifying a name.
   • Create an IP ACL by specifying a number.
2. Add new rules to the ACL.
3. Configure the match criteria for the rules.
4. Apply the ACL to one or more interfaces.
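The following model of an IP ACL is an added example, not code or CLI from this manual. It shows how wildcard-mask matching and the ten-rule limit behave when a numbered ACL is built and evaluated against inbound packets. The class and function names and the sample addresses are constructed. The in-order, first-match evaluation and the deny for packets that match no rule are assumptions, not statements from this page.

```python
import ipaddress

MAX_RULES = 10  # per-ACL rule limit stated on the page

def wildcard_match(addr, base, wildcard):
    """Wildcard mask semantics: 0 bits must equal the base, 1 bits are ignored."""
    a, b, w = (int(ipaddress.IPv4Address(x)) for x in (addr, base, wildcard))
    care = ~w & 0xFFFFFFFF
    return (a & care) == (b & care)

class IpAcl:
    def __init__(self, number):
        self.number = number          # IP ACLs are created by number
        self.rules = []

    def add_rule(self, action, **match):
        if action not in ("permit", "deny") or not match:
            raise ValueError("need permit/deny and at least one match criterion")
        if len(self.rules) >= MAX_RULES:
            raise ValueError("an ACL holds at most ten rules")
        self.rules.append((action, match))

    @staticmethod
    def _matches(match, pkt):
        if match.get("every_packet"):
            return True
        for side in ("src", "dst"):   # value is (address, wildcard mask)
            if side in match and not wildcard_match(pkt[side], *match[side]):
                return False
        # Remaining criteria are exact-value comparisons.
        return all(pkt.get(k) == v for k, v in match.items()
                   if k in ("protocol", "src_port", "dst_port", "dscp"))

    def evaluate(self, pkt):
        # Assumption: ordered, first match wins, unmatched packets are denied.
        for action, match in self.rules:
            if self._matches(match, pkt):
                return action
        return "deny"

# Constructed sample: permit HTTPS from 10.1.0.0/16 to one server, deny the rest.
acl = IpAcl(100)
acl.add_rule("permit", protocol=6, src=("10.1.0.0", "0.0.255.255"),
             dst=("192.0.2.10", "0.0.0.0"), dst_port=443)
acl.add_rule("deny", every_packet=True)

TCP = {"protocol": 6, "dst": "192.0.2.10", "dst_port": 443}
inside = acl.evaluate({**TCP, "src": "10.1.77.5"})
outside = acl.evaluate({**TCP, "src": "10.2.0.5"})
```

Entering a subnet mask such as 255.255.0.0 where a wildcard mask is expected inverts which bits are compared, so the rule misses the intended hosts and matches unrelated ones; `wildcard_match` makes that easy to check before a rule is applied to an interface.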