170
•
MAC-based ACL by using the MAC Based ACL page and the MAC Based ACE
page.
•
IPv4-Based ACL by using the IPv4 Based ACL page and the IPv4 Based ACE page.
•
IPv6-Based ACL by using the IPv6 Based ACL page and the IPv6 Based ACE page.
2. Associate the ACL with interfaces by using the ACL Binding page.
Modifying ACLs Workflow
An ACL can only be modified if it is not in use.
To unbind an ACL in order to modify it:
1. If the ACL has been associated with an interface, unbind it from the interface using the
ACL Binding page.
2. If the ACL is part of the class map and not bound to an interface, then it can be modified.
3. If the ACL is part of a class map contained in a policy bound to an interface, you must
perform the chain of unbinding:
•
Unbind the policy containing the class map from the interface by using Policy
Binding.
•
Delete the class map containing the ACL from the policy using the Configuring a
Policy (Edit).
•
Delete the class map containing the ACL, by using Defining Class Mapping page.
•
Only then can the ACL be modified, as described in this section.
MAC-Based ACL
MAC-based ACLs are used to filter traffic based on Layer 2 fields. MAC-based ACLs check all
frames for a match.