EasyManuals Logo
Home>Cisco>Network Router>7604

Cisco 7604 User Manual

Cisco 7604
1011 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #513 background imageLoading...
Page #513 background image
35-9
Cisco 7600 Series Router Cisco IOS Software Configuration Guide, Release 12.2SX
OL-4266-08
Chapter 35 Configuring VLAN ACLs
Configuring VACLs
VLAN Access Map Configuration and Verification Examples
Assume IP-named ACL net_10 and any_host are defined as follows:
Router# show ip access-lists net_10
Extended IP access list net_10
permit ip 10.0.0.0 0.255.255.255 any
Router# show ip access-lists any_host
Standard IP access list any_host
permit any
This example shows how to define and apply a VLAN access map to forward IP packets. In this example,
IP traffic matching net_10 is forwarded and all other IP packets are dropped due to the default drop
action. The map is applied to VLAN 12 to 16.
Router(config)# vlan access-map thor 10
Router(config-access-map)# match ip address net_10
Router(config-access-map)# action forward
Router(config-access-map)# exit
Router(config)# vlan filter thor vlan-list 12-16
This example shows how to define and apply a VLAN access map to drop and log IP packets. In this
example, IP traffic matching net_10 is dropped and logged and all other IP packets are forwarded:
Router(config)# vlan access-map ganymede 10
Router(config-access-map)# match ip address net_10
Router(config-access-map)# action drop log
Router(config-access-map)# exit
Router(config)# vlan access-map ganymede 20
Router(config-access-map)# match ip address any_host
Router(config-access-map)# action forward
Router(config-access-map)# exit
Router(config)# vlan filter ganymede vlan-list 7-9
This example shows how to define and apply a VLAN access map to forward and capture IP packets. In
this example, IP traffic matching net_10 is forwarded and captured and all other IP packets are dropped:
Router(config)# vlan access-map mordred 10
Router(config-access-map)# match ip address net_10
Router(config-access-map)# action forward capture
Router(config-access-map)# exit
Router(config)# vlan filter mordred vlan-list 2, 4-6
Configuring a Capture Port
A port configured to capture VACL-filtered traffic is called a capture port.
Note To apply IEEE 802.1Q or ISL tags to the captured traffic, configure the capture port to trunk
unconditionally (see the “Configuring the Layer 2 Switching Port as an ISL or 802.1Q Trunk” section
on page 10-8 and the “Configuring the Layer 2 Trunk Not to Use DTP” section on page 10-9).

Table of Contents

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco 7604 and is the answer not in the manual?

Cisco 7604 Specifications

General IconGeneral
BrandCisco
Model7604
CategoryNetwork Router
LanguageEnglish

Related product manuals