Port Access Control Lists (PACL)

The syntax for configuring a Port Access Control List is the same as creating any other access control list. The difference is Port Access Control lists support filtering via MAC address via a different CLI syntax.

PACLs can only support filtering of incoming traffic with no outbound filtering support.

PACLs can not filter control packets such as CDP, VTP, DTP, PAgP, UDLD and STP

A PACL are only supported in hardware.

A PACL does not support ACLs filtering IPv6, ARP, or MPLS traffic

ip access-list extended PortACL
 deny tcp any any eq 23
 deny icmp any any
 permit ip any any



, ,




Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.