ACL Priority Configurations

A priority value configured for one ACL cannot be used for another ACL. The configurable range is 1 to 255.

The lower the number, the higher the priority. For example, an ACL with priority 1 has a higher priority than an ACL with priority 10.

The ACL priority number can be used across IP and MAC ACLs, depending on the configuration.

  1. Create an IP ACL and a MAC ACL and assign each a priority value.

    Execute the following commands.

    iS5comm# configure terminal

    iS5comm(config)# ip access-list extended 1001

    iS5comm(config-ext-nacl)# deny ip any any priority 1

    iS5comm(config-ext-nacl)# end

    iS5comm(config)# mac access-list extended 1

    iS5comm(config-ext-nacl)# deny any any priority 5

    iS5comm(config-ext-nacl)# end

  2. Configure another IP ACL with the same priority value.

    Execute the following commands.

    iS5comm# configure terminal

    iS5comm(config)# ip access-list extended 1002

    iS5comm(config-ext-nacl)# permit ip any any priority 1

     % This priority is already configured in another IP ACL

    iS5comm(config-ext-nacl)# permit ip any any priority 5

    iS5comm(config-ext-nacl)# end

  3. Configure another MAC ACL with the same priority value.

    Execute the following commands.

    iS5comm# configure terminal

    iS5comm(config-ext-nacl)# permit any any priority 1

     % This priority is already configured in another mac acl

    iS5comm(config-ext-nacl)# permit any any priority 5

    iS5comm(config-ext-nacl)# end