Product guide

ManualsBrandsProCurve ManualsComputer equipment6200yl

361

362

363

364

365

366

367

368

369

370

10-82

Access Control Lists (ACLs)

Adding or Removing an ACL Assignment On an Interface

Figure 10-20. Methods for Enabling and Disabling RACLs

Filtering IP Traffic Inbound on a VLAN

For a given VLAN interface, you can assign an ACL as a VACL to filter any IP

traffic entering the switch on that VLAN. You can also use the same ACL for

assignment to multiple VLANs. For limits and operating rules, refer to “ACL

Configuration and Operating Rules” on page 10-33.

ProCurve(config)# vlan 20 ip access-group My-List in

ProCurve(config)# vlan 20

ProCurve(vlan-20)# ip access-group 155 out

ProCurve(vlan-20)# exit

ProCurve(config)# no vlan 20 ip access-group My-List in

ProCurve(config)# vlan 20

ProCurve(vlan-20)# no ip access-group 155 out

ProCurve(vlan-20)# exit

Enables an RACL from the

Global Configuration

Level

Enables an RACL from a

VLAN Context.

Disables an RACL from

the Global Configuration

Level

Disabling an RACL from a

VLAN Context.

Syntax: [no] vlan < vid > ip access-group < identifier > vlan

where: < identifier > = either a ACL name or an ACL ID number.

Assigns an ACL as a VACL to a VLAN to filter any IP traffic

entering the switch on that VLAN. You can use either the

global configuration level or the VLAN context level to assign

or remove a VACL.

Note: The switch allows you to assign a nonexistent ACL

name or number to a VLAN. In this case, if you subsequently

configure an ACL with that name or number, it

automatically becomes active on the assigned VLAN. Also,

if you delete an assigned ACL from the switch without

subsequently using the “no” form of this command to

remove the assignment to a VLAN, the ACL assignment

remains and will automatically activate any new ACL you

create with the same identifier (name or number).