Home
Support
Product Support
Routers
Cisco SD-WAN
Configuration Guides

Cisco Catalyst SD-WAN Interfaces Configuration Guide, Releases 26.x and Later

What does a loopback TLOC interface enable across private WANs?
What traffic do implicit ACLs on loopback interfaces apply to?
Which command verifies implicit ACL configurations?

View all Saved Content

PDF

Is this content helpful?

Helpful Unhelpful

Suggestions for Improvement

Thank you for your feedback. Your response has been recorded.

Ask about this content

Cisco Catalyst SD-WAN Interfaces Configuration Guide, Releases 26.x and Later

What does a loopback TLOC interface enable across private WANs?
What traffic do implicit ACLs on loopback interfaces apply to?
Which command verifies implicit ACL configurations?

Expand all sections

About this content

Network Interfaces

Network Interfaces

Cellular Interfaces

Feature history for cellular interfaces
Cellular interfaces
Supported devices
Guidelines
Configure cellular interface
Reset the profile configuration of a cellular modem
Troubleshoot LTE modem crash

DSL IPoE

Configure DSL IPoE

DSL PPPoA

Configure DSL PPPoA

DSL PPPoE

Feature history for DSL PPPoe
Configure DSL PPPoE

Dynamic Interfaces

Feature history for dynamic interfaces
Configure dynamic interfaces

EtherChannels

Feature history for EtherChannels
EtherChannels on the service side
EtherChannels on the transport side
Monitor configured EtherChannel using CLI
Aggregate EtherChannel Quality of Service

IP Directed Broadcast

IP directed broadcast
Configure IP directed broadcast using CLI commands

Loopback Interfaces

Feature history for loopback interfaces
Loopback interfaces
Implicit ACLs on loopback interfaces
Loopback TLOC interface bound to a physical WAN interface
Loopback TLOC interface not bound to a physical WAN interface
Bind mode and unbind mode
Configure implicit ACL on loopback interfaces using CLI commands
Examples of implicit ACL configurations on loopback interfaces
Verify implicit ACL configurations on loopback interfaces

Subinterfaces

Subinterfaces
Configuration examples for subinterfaces
Verify configurations on subinterfaces

VPN Ethernet Interface

Configure VPN ethernet interface

VPN Interface Bridge

Configure VPN interface bridge

VPN Interface Ethernet PPPoE

Configure VPN interface ethernet PPPoE

VPN Interface GRE

Configure VPN interface GRE

VPN Interface IPsec

Feature history for VPN interface IPsec
Configure VPN interface IPsec
CLI configuration examples for VPN interface IPsec

VPN Interface Multilink

Configure VPN interface multilink

VPN Interface SVI

Feature history for VPN interface SVI
Configure VPN interface SVI

VPN Interface T1/E1

Configure VPN interface T1/E1

VRRP Interface Tracking

Feature history for VRRP interface tracking
VRRP
Restrictions for VRRP interface tracking
VRRP tracking use cases
Configure VRRP
Configure VRRP tracking using CLI templates
Configure VRRP tracking
Monitor VRRP configuration
Verify VRRP tracking

Implicit ACLs on loopback interfaces

Updated: April 24, 2026

Want to summarize with AI?

On this page

Benefits

Describes the role and enforcement of implicit ACLs on loopback interfaces, emphasizing security implications and default access behavior.

Implicit ACLs on loopback interfaces are access control mechanism that

consist of default rules applied to traffic destined for loopback interfaces,
can be present by default or enabled through configuration to limit or permit traffic, and
is applied to traffic destined for loopback interfaces configured with a Transport Location (TLOC) in both bind mode (bound to a physical interface) and unbind mode (not bound to any physical interface) on Cisco IOS XE Catalyst SD-WAN devices.

Benefits

Implicit ACL on a loopback TLOC interface protects against denial of service (DoS) attacks by allowing only limited services. This enhances your network security.

Need help?

Open a support case

(Requires a Cisco Service Contract)

Bias-free language

The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.