VLAN access map and trunks

Unanswered Question
Feb 2nd, 2007


Is VLAN tagged traffic (dot1q or ISL) that enters a switch tested against a VLAN access map, or is it classed as already being in the VLAN beacuse it is tagged and therefore bypasses the access map


I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
smahbub Thu, 02/08/2007 - 12:42

n global configuration mode, use this command to create or modify a VLAN map. This entry changes the mode to VLAN access-map configuration, where you can use the match access-map configuration command to specify the access lists for IP or non-IP traffic to match and use the action command to set whether a match causes the packet to be forwarded or dropped.

In VLAN access map configuration mode, these commands are available:

* action: sets the action to be taken (forward or drop).

* default: sets a command to its defaults

* exit: exits from VLAN access-map configuration mode

* match: sets the values to match (IP address or MAC address).

* no: negates a command or set its defaults

When you do not specify an entry number (sequence number), it is added to the end of the map.

There can be only one VLAN map per VLAN and it is applied as packets are received by a VLAN.

You can use the no vlan access-map name [number] command with a sequence number to delete a single entry.

In global configuration mode, use the vlan filter interface configuration command to apply the map to one or more VLANs.

chrisayres Fri, 02/09/2007 - 01:28

I can read the online docs aswell but I really wanted the question answered


This Discussion