Cisco VACLs (MAC layer security ACLs)

Information stolen from Cisco's documentation

VACLs have an implicit deny at the end

Some useful commands to run in the switch config mode:

set security acl ip lab_test permit icmp any any echo set security acl ip lab_test permit icmp any any echo-reply set security acl ip lab_test deny icmp any any set security acl ip lab_test permit ip any any commit security acl lab_test set security acl map lab_test 1 clear security acl map lab_test 1 clear security acl lab_test commit security acl lab_test show security acl resource-usage show security acl ip lab_test