I've been tinkering around with an N3024. I have some devices that are all sharing a same VLAN and I need to restrict SSH/Telnet traffic to them. I know if you want to restrict SSH/Telnet traffic to the N3024 itself you need to create a management access-list, but I also need to restrict that type of traffic to devices behind my switch.
Since these are layer 2 ports and I need to match IP traffic, a standard ACL will be ignored since it never kicks anything back to the FIB. A PACL isn't enough because they are limited to MAC.
Since all of these non Dell devices are sharing a VLAN, is it as simple as putting the ACL that I need on the Interface VLAN for the shared VLAN?