Categories
CCNP Enterprise Core (350-401) Cisco Security

PACL, VACL, RACL (ACL) Priority

If a PACL, VACL, and RACL (Router ACL) are all configured in the same VLAN. The ACLs are evaluated in a certain order.

Bridged Traffic

  1. Inbound PACL on the switchport
  2. Inbound VACL on the VLAN
  3. Outbound VACL on the VLAN

Routed Traffic

  1. Inbound PACL on the switchport
  2. Inbound VACL on the VLAN
  3. Inbound ACL on the SVI
  4. Outbound ACL on the SVI
  5. Outbound VACL on the VLAN

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.