General steps for implementing ACLs

Procedure
  1. Configure at least one ACL. This creates and stores the ACL in the switch configuration.
  2. Assign an ACL. This applies the ACL to the inbound traffic on one or more designated interfaces.

  1. Configure one or more ACLs. This creates and stores the ACL(s) in the switch configuration.

  2. Assign an ACL. This step uses one of the following applications to assign the ACL to an interface:

    • VACL (IPv6 traffic entering or leaving the switch on a given VLAN)

    • Static Port ACL (IPv6 traffic entering or leaving the switch on a given port, port list, or static trunk)

CAUTION:

Regarding the use of source routing: source routing is enabled by default on the switch and can be used to override ACLs. For this reason, if you are using ACLs to enhance network security, the recommended action is to disable source routing on the switch. To do so, execute:

no ip source–route .