RADIUS-assigned ACLs

A RADIUS-assigned ACL for filtering traffic from a specific client or group of clients is configured on a RADIUS server. When the server authenticates a client associated with that ACL, the ACL is assigned to filter the inbound IP traffic received from the authenticated client through the port on which the client is connected to the switch. If the RADIUS server supports both IPv4 and IPv6 ACEs, then the ACL assigned by the server can be configured to filter both traffic types, or just the IPv4 traffic. When the client session ends, the ACL is removed from the port. The switch allows as many RADIUS-assigned ACLs on a port as it allows authenticated clients. For information on RADIUS-assigned ACLs, refer to the chapter titled, “Configuring RADIUS Server Support for Switch Services” in the latest Access Security Guide for your switch.


This chapter describes the IPv6 ACL applications you can statically configure on the switch. For information on static IPv4 ACL applications, refer to the chapter titled “IPv4 Access Control Lists (ACLs)” in the latest Access Security Guide for your switch.