This post resumes the topic of ACLs that you can apply on 3560 or 3750 series switches. It is going to be very brief and will only enumerate the most important things that you need to remember:

  • they control all traffic in that VLAN, such as:
    • bridged traffic within that particular VLAN
    • routed traffic INTO or OUT of that VLAN
VLAN Maps are the only way to filter traffic within a VLAN!
  • they are not defined by direction
  • they are only processed in hardware (ACL fields that are not supported in hardware will be ignored)
  • logging is not supported
IMPORTANT to remember
Every time you modify the ACL, you must re-apply the VLAN Map!
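
The points above as an IOS configuration sketch. This is an added example, not part of the original post; the ACL name VM-TELNET, the map name VLAN10-MAP, VLAN 10 and the filtered ports are assumptions chosen for illustration.

```cisco
! Constructed example; ACL/map names and VLAN 10 are hypothetical.
! The ACL only selects traffic; the map's "action" decides its fate.
ip access-list extended VM-TELNET
 permit tcp any any eq 23
!
! Sequence 10: drop whatever VM-TELNET selects, bridged or routed.
vlan access-map VLAN10-MAP 10
 match ip address VM-TELNET
 action drop
! Sequence 20: no match clause, so everything else is forwarded.
vlan access-map VLAN10-MAP 20
 action forward
!
! Apply to the VLAN; there is no "in" or "out" keyword.
vlan filter VLAN10-MAP vlan-list 10
!
! Later change to the ACL (also select SSH)...
ip access-list extended VM-TELNET
 permit tcp any any eq 22
!
! ...followed by re-applying the map to the VLAN.
no vlan filter VLAN10-MAP vlan-list 10
vlan filter VLAN10-MAP vlan-list 10
!
! The ACL entries carry no "log" keyword, since logging is not supported.
```

`show vlan access-map` and `show vlan filter` display the map contents and the VLANs it is applied to. Between `no vlan filter` and the following `vlan filter` the VLAN is briefly unfiltered, so enter the two commands back to back.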