Defining ACL Binding
When an ACL is bound to an interface, its ACE rules are applied to packets arriving at that interface. Packets that do not match any of the ACEs in the ACL are matched to a default rule, whose action is to drop unmatched packets.
Although each interface can be bound to only one ACL, multiple interfaces can be bound to the same ACL by grouping them into a policy-map, and binding that policy-map to the interface.
After an ACL is bound to an interface, it cannot be edited, modified, or deleted until it is removed from all the ports to which it is bound or in use.
To bind an ACL to an interface:
- Click Access Control > ACL Binding. The ACL Binding page opens.
- Select an interface type, Ports/LAGs (Port or LAG).
- Click Go. The list of ports/LAGs is displayed. For each type of interface selected, all interfaces of that type are displayed with a list of their current ACLs:
NOTE To unbind all ACLs from an interface, select the interface, and click Clear.
- Select an interface, and click Edit. The Edit ACL Binding page opens.
- Select the Interface to which the ACLs are to be bound.
- Select one of the following:
- Click Apply. The ACL binding is modified, and the Running Configuration file is updated.
NOTE If no ACL is selected, any ACLs previously bound to the interface are unbound.
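Because unmatched packets fall through to the default drop rule, binding an ACL blocks every flow its ACEs do not explicitly permit. The following added example (not part of the original guide and not Cisco code) audits an ACL against the flows an interface must carry before the ACL is bound. The ACE fields, the priority-ordered first-match evaluation, and all addresses and names are assumptions made for illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class ACE:
    priority: int          # assumed: lower value is evaluated first
    action: str            # "permit" or "deny"
    src: str               # source prefix
    proto: str             # "tcp", "udp" or "any"
    dport: Optional[int]   # destination port, None matches any port

    def matches(self, pkt):
        return (ipaddress.ip_address(pkt["src"]) in ipaddress.ip_network(self.src)
                and self.proto in ("any", pkt["proto"])
                and self.dport in (None, pkt["dport"]))

def evaluate(acl, pkt):
    """Return (action, ace). ace is None when the default drop rule decided."""
    for ace in sorted(acl, key=lambda a: a.priority):
        if ace.matches(pkt):
            return ace.action, ace
    return "deny", None    # default rule: drop packets no ACE matched

def prebind_audit(acl, required_flows):
    """List the required flows that would be dropped once the ACL is bound."""
    dropped = []
    for name, pkt in required_flows.items():
        action, ace = evaluate(acl, pkt)
        if action != "permit":
            reason = "default rule" if ace is None else f"ACE priority {ace.priority}"
            dropped.append((name, reason))
    return dropped

# Constructed sample ACL and flows (documentation address ranges).
ACL_USERS = [
    ACE(10, "deny",   "192.0.2.0/24", "tcp", 23),
    ACE(20, "permit", "192.0.2.0/24", "tcp", 443),
    ACE(30, "permit", "192.0.2.0/24", "udp", 53),
]
REQUIRED = {
    "https":    {"src": "192.0.2.15",  "proto": "tcp", "dport": 443},
    "dns":      {"src": "192.0.2.15",  "proto": "udp", "dport": 53},
    "ssh-mgmt": {"src": "198.51.100.5", "proto": "tcp", "dport": 22},
}

if __name__ == "__main__":
    for name, reason in prebind_audit(ACL_USERS, REQUIRED):
        print(f"would be dropped after binding: {name} ({reason})")
```

Here the management SSH flow is never mentioned by any ACE, so it is reported as dropped by the default rule; add a permit ACE for it before binding, since a bound ACL cannot be edited until it is unbound.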