How ACLs work

Configuring an ACL in global config mode will not make the ACL take effect.

The ACL must be applied to an interface.

ACLs are applied either inbound or outbound.

ACLs are made up of one or mode ACEs.

When the router checks a packet against the ACL, it processes the ACEs in order, from top to bottom.

If the packet matches on of the ACEs in the ACL, the router takes the action and stops processing the ACL. All entries bellow the matching entry will be ignored.

A maximum of one ACL can be applied to a single interface per direction.

Inbound: Maximum one ACL.
Outbound: Maximum one ACL.

PreviousWhat are ACLs?NextImplicit Deny

Last updated 1 year ago