ACL assignment

You can specify an authorization ACL in the user account for a MAC authentication user to control the user's access to network resources. After the user passes MAC authentication, the authentication server (local or remote) assigns the authorization ACL to the access port of the user. The ACL will filter traffic for this user. Only the traffic that matches the deny rules in the ACL are rejected. You must configure ACL rules for the authorization ACL on the access device for the ACL assignment feature.

To change the access control criteria for the user, you can use one of the following methods:

The supported authorization ACLs include the following types:

For an authorization ACL to take effect, make sure the following requirements are met:

For more information about ACLs, see ACL and QoS Configuration Guide.