Home > Switches > Layer 3 Switching > Configuring ACLs

Configuring ACLs

ACLs can be used to restrict certain traffic from being forwarded by the switches to which the lists are applied. With Meraki, you only have to define your ACLs once, and they will be propagated to all switches in the network. 

 

For more detailed information and examples on ACLs, see MS Switch ACL Operation 

 

Processing order

The ACL will be processed from top to bottom, and each packet will be subject to the rules defined. Once a packet matches a rule in the ACL, it will not be processed further. 

Creating your ACL

By default, ACLs will have an explicit allow. If you prefer to configure your lists with an explicit deny, you can do so by making the bottom rule a "Deny - any - any" rule. Do note that in order to prevent cloud connectivity problems, the cloud IPs, ports and protocols have been added to the ACL by default.

Explicit Rule

By default, switches will have an explicit allow rule. Some may be more familiar with building an ACL that has an explicit deny rule. This can be achieved by manually creating a Deny any/any rule.

You must to post a comment.
Last modified
16:05, 21 Jan 2016

Tags

This page has no custom tags.

Classifications

This page has no classifications.

Article ID

ID: 4466

Contact Support

Most questions can be answered by reviewing our documentation, but if you need more help, Cisco Meraki Support is ready to work with you.

Open a Case