Assigning acls to ports, Assigning numbered ipv4 acls to a port, Assigning acls to ports 4 – Allied Telesis AT-9000 Series User Manual

Chapter 73: Advanced Access Control Lists (ACLs)

1184

Assigning ACLs to Ports

Before you can assign an ACL to a port, you must first create an ACL. The
command that you use to assign an ACL to a port depends on which type
of ACL you have created. See the following sections:



“Assigning Numbered IPv4 ACLs to a Port” on page 1184



“Assigning MAC Address ACLs to a Port” on page 1185

Note

In situations where ports have both permit and deny ACLs, you must
assign the permit ACLs to a port first because ingress packets are
compared against the ACLs in the order in which they are added to
the ports. If you add the deny ACLs first, the ports may block
packets you want them to forward.

Assigning

Numbered IPv4

ACLs to a Port

To assign a Numbered IPv4 ACL to a port on the switch, use the
ACCESS-GROUP command in the Port Interface mode. Using this
command, you can add one Numbered IPv4 ACL to a port or several
ports. The ACL must exist on the switch. Here is the format of the
command:

access-group

id_number

For more information about this command, see “ACCESS-GROUP” on
page 1203.