7-7
Cisco Wireless Router and HWIC Configuration Guide
OL-6415-03
Chapter 7 Configuring QoS on an Access Point
Configuration Guidelines
The radio interface supports the following access lists:
• <1 - 99> IP standard access list
• <100 - 199> IP extended access list
• <700- 799> MAC address access list
• <200 - 299> Protocol type-code access list
The rest of the access lists can be applied, but it is not recommended.
Applying Access Control Lists
An access control list can be applied to an the ingress or egress of the interface. The type of access
control list determines the best place to apply the list. Table 7-5 summarizes where the access control
lists should be applied.
For each type of access list, only one access list can applied to a direction. We recommended that for IP
access lists, use only the extended IP access list numbers 100 through 199, because they can support
multiple layers (from Layer 3 to Layer 7) access control clauses in one access list.
Typical Layer 2 access control lists (<200-299> and <700-799>) only take effect inside the Layer 2
bridging path. Packet received by the access point upper protocol stack are not be applied.
700 - 799 MAC address access list
Allow or deny packet forwarding based on Ethernet packet MAC source or
destination addresses
200 - 299 Protocol type-code access list
Allow or deny packet forwarding based on packet protocol type-code, in the case
of Ethernet, it is either DIX, SAP, or SNAP type
Table 7-4 Access Control List Numbers
Table 7-5 Access Control List Recommended Location
ACL Range Location
<1 -99>
<100 -199>
Apply to interface ip access-group <acl_num> <in |
out>
<200 - 299> Apply to interface bridge-group <x> <input-lsap-list |
input-type-list> <acl_num>
<700 - 799> Apply to interface bridge-group <x> <input-address-list
| output-address-list> <acl_num>