Configure MAC+IP Rule to Use ACL Function
Configuration Condition
Before configuring MAC+IP rule to use the ACL function, first complete the following task:
- Enable the port security function
Configure MAC+IP Rule to Use ACL
Users can configure whether MAC + IP rules use ACL according to actual needs. When using ACL, MAC + IP rules can accurately match the source MAC address and source IP address of the user, avoiding illegal user access with source MAC address matching and source IP address mismatching.
Table 3-13 Configure MAC+IP rule to use ACL
Step
|
Command
|
Description
|
Enter global configuration mode
|
configure terminal
|
-
|
Enter the L2 Ethernet interface configuration mode
|
interface interface-name
|
Either
After entering the L2 Ethernet interface configuration mode, the subsequent configuration just takes effect on the current port. After entering the aggregation group configuration mode, the subsequent configuration just takes effect on the aggregation group.
|
Enter the aggregation group configuration mode
|
interface link-aggregation link-aggregation-id
|
Configure MAC+IP rule to use ACL
|
port-security use-acl
|
Mandatory
By default, the MAC+IP rule does not use ACL.
|