CLI Reference Guide

Using Access Control Lists for Security 317

Mapping ACLs to Ports, VLANs, or Virtual Ports

You can map ACLs to ports (or port groups), VLANs, or virtual ports. You

cannot map an ACL to a MAP port or a wired authentication port.

To map an ACL to ports, VLANs, or virtual ports:

1 In the Create ACL wizard, click ACL Map. The ACL Map page appears.

2 Do one of the following:

 To map an ACL to a Distributed MAP, see “Mapping an ACL to a

VLAN”.

 To map an ACL to a VLAN, see “Mapping an ACL to a VLAN” on

page 317.

 To map an ACL to a port or port group, see “Mapping an ACL to a

Port” on page 318.

 To map an ACL to a virtual port or port group in a VLAN, see

“Mapping an ACL to a Virtual Port” on page 318.

Mapping an ACL to a Distributed MAP

1 In the ACL Map page, click New.

2 Select New ACL Distributed MAP Map. The Create ACL Distributed

MAP Map dialog box appears.

3 In the Direction list, select In to filter incoming packets or Out to filter

outgoing packets.

4 In the DAP list, select the Distributed MAP from the list.

5 Click Finish to save the mapping. The Create ACL wizard reappears.

6 Click Finish to close the Create ACL wizard.

Mapping an ACL to a VLAN

1 In the ACL Map page, click New.

2 Select New ACL VLAN Map. The Create ACL VLAN Map dialog box

appears.

3 In the Direction list, select In to filter incoming packets or Out to filter

outgoing packets.

4 In the Type list, select ID to identify the VLAN by number or Name to

identify it by name.

5 If you selected Name in step 4, go to step 6. Otherwise, specify a VLAN

number in the ID box and go to step 7.