ISR 871, VLAN's and ACL support

Unanswered Question
Apr 19th, 2007
User Badges:
  • Cisco Employee,

My question is directed to 871 users. Is possible to configure ACL on logical VLAN interface's (SVI) (interface vlan) for traffic filtering between VLAN's. Let's imagine that every of four switch ports is in different VLAN - can I using ACL filter traffic on 871 between this segments.


Many thanks for any suggestions


Maciej

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
paolo bevilacqua Thu, 04/19/2007 - 12:45
User Badges:
  • Super Gold, 25000 points or more
  • Hall of Fame,

    Founding Member

Yes, absolutely.

maflak Thu, 04/19/2007 - 12:55
User Badges:
  • Cisco Employee,

Thanks a lot but pls tell me have You configured it ? Does it works in the same manner like ACL on every L3 switches ?


Maciej

haroon.shaikh Thu, 04/19/2007 - 15:10
User Badges:

Greetings Maciej,


Yes, you can do that.


An example:


Suppose you have 4 switch interfaces and want to configure 4 switched vlans. The steps are as below:


* You create 4 vlans


- int vlan x (where x is the vlan) number


* Configure all switch ports to different vlans


- int fastethernet y (where x is the interface no)

- switchport access vlan x (x is vlan no.)


Now you can create different access-lists and put them on vlan interfaces (either inbound outbound depending on your requirement)


- int vlan x (x is vlan no.)

- ip access-group [in/out]


I hope that should be sufficient for you...


Good Luck


* Please rate the post if it helps




Actions

This Discussion