ISR 871, VLAN's and ACL support

Unanswered Question
Apr 19th, 2007

My question is directed to 871 users. Is possible to configure ACL on logical VLAN interface's (SVI) (interface vlan) for traffic filtering between VLAN's. Let's imagine that every of four switch ports is in different VLAN - can I using ACL filter traffic on 871 between this segments.

Many thanks for any suggestions


I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
maflak Thu, 04/19/2007 - 12:55

Thanks a lot but pls tell me have You configured it ? Does it works in the same manner like ACL on every L3 switches ?


haroon.shaikh Thu, 04/19/2007 - 15:10

Greetings Maciej,

Yes, you can do that.

An example:

Suppose you have 4 switch interfaces and want to configure 4 switched vlans. The steps are as below:

* You create 4 vlans

- int vlan x (where x is the vlan) number

* Configure all switch ports to different vlans

- int fastethernet y (where x is the interface no)

- switchport access vlan x (x is vlan no.)

Now you can create different access-lists and put them on vlan interfaces (either inbound outbound depending on your requirement)

- int vlan x (x is vlan no.)

- ip access-group [in/out]

I hope that should be sufficient for you...

Good Luck

* Please rate the post if it helps


This Discussion