04-19-2007 12:43 PM - edited 03-03-2019 04:37 PM
My question is directed to 871 users. Is possible to configure ACL on logical VLAN interface's (SVI) (interface vlan) for traffic filtering between VLAN's. Let's imagine that every of four switch ports is in different VLAN - can I using ACL filter traffic on 871 between this segments.
Many thanks for any suggestions
Maciej
04-19-2007 12:45 PM
Yes, absolutely.
04-19-2007 12:55 PM
Thanks a lot but pls tell me have You configured it ? Does it works in the same manner like ACL on every L3 switches ?
Maciej
04-19-2007 03:10 PM
Greetings Maciej,
Yes, you can do that.
An example:
Suppose you have 4 switch interfaces and want to configure 4 switched vlans. The steps are as below:
* You create 4 vlans
- int vlan x (where x is the vlan) number
* Configure all switch ports to different vlans
- int fastethernet y (where x is the interface no)
- switchport access vlan x (x is vlan no.)
Now you can create different access-lists and put them on vlan interfaces (either inbound outbound depending on your requirement)
- int vlan x (x is vlan no.)
- ip access-group
I hope that should be sufficient for you...
Good Luck
* Please rate the post if it helps
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: