Home > Switches > Layer 3 Switching > Configuring ACLs

Configuring ACLs

ACLs can be used to restrict certain traffic from being forwarded by the switches to which the lists are applied. With Meraki, you only have to define your ACLs once, and they will be propagated to all switches in the network. 


For more detailed information and examples on ACLs, see MS Switch ACL Operation 


Processing order

The ACL will be processed from top to bottom, and each packet will be subject to the rules defined. Once a packet matches a rule in the ACL, it will not be processed further. 

Creating your ACL

By default, ACLs will have an explicit allow. If you prefer to configure your lists with an explicit deny, you can do so by making the bottom rule a "Deny - any - any" rule. Do note that in order to prevent cloud connectivity problems, the cloud IPs, ports and protocols have been added to the ACL by default.

Explicit Rule

By default, switches will have an explicit allow rule. Some may be more familiar with building an ACL that has an explicit deny rule. This can be achieved by manually creating a Deny any/any rule.

Last modified



This page has no classifications.

Explore the Product

Click to Learn More

Article ID

ID: 4466

Explore Meraki

You can find out more about Cisco Meraki on our main site, including information on products, contacting sales and finding a vendor.

Explore Meraki

Contact Support

Most questions can be answered by reviewing our documentation, but if you need more help, Cisco Meraki Support is ready to work with you.

Open a Case

Ask the Community

In the Meraki Community, you can keep track of the latest announcements, find answers provided by fellow Meraki users and ask questions of your own.

Visit the Community