Configuring Device Information 267Configuring MAC Based ACLs with CLI CommandsThe following table summarizes the equivalent CLI commands for configuring MAC Based ACLs.Defining ACL BindingWhen an ACL is bound to an interface, all the ACE rules that have been defined are applied to theselected interface.Whenever an ACL is assigned on a port or LAG, flows from that ingress interface thatdo not match the ACL are matched to the default rule, which is Drop unmatched packets.To bind ACLs to interfaces:1 Open the Network Security - ACL Bindings page, click Switch → Network Security → ACL Bindings.Figure 7-14. Network Security - ACL Binding2 In the Select an ACL field, select an IP Based or MAC Based ACL.Table 7-6. MAC Based ACL CLI CommandsCLI Command Descriptionmac access-list access-list-nameno mac access-list access-list-nameTo define a Layer 2 access list and to place thedevice in MAC access list configuration mode, usethe mac access-list command in globalconfiguration mode. To remove the access list, usethe no form of this command.permit {any|{source source- wildcard} {any|{ destinationdestination- wildcard}} [vlan vlan-id] [cos cos cos-wildcard][ethtype eth-type] [inner-vlan vlan-id]To set permit conditions for an MAC access list, usethe permit command in MAC access listconfiguration mode.deny [disable-port] {any|{source source- wildcard} {any|{destination destination- wildcard}} [vlan vlan-id] [cos coscos-wildcard] [ethtype eth-type] [inner-vlan vlan-id]To set deny conditions for an MAC access list, usethe deny command in MAC access listconfiguration mode.