PACL's

Unanswered Question
Feb 6th, 2009

Would you be able to lockdown users ports so they cant host a webserver,dhcp or smtp. Would i be able to use Pacl's to accomplish this.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Collin Clark Fri, 02/06/2009 - 09:35

You can apply ACLs to Layer 2 interfaces on a switch. Port ACLs are supported on physical interfaces and EtherChannel interfaces.

The following access lists are supported on Layer 2 interfaces:

•Standard IP access lists using source addresses

•Extended IP access lists using source and destination addresses and optional protocol type information

•MAC extended access lists using source and destination MAC addresses and optional protocol type information

As with router ACLs, the switch examines ACLs associated with features configured on a given interface and permits or denies packet forwarding based on how the packet matches the entries in the ACL.

Hope that helps.

Actions

This Discussion