06-26-2007 05:37 AM - edited 03-05-2019 04:58 PM
Dears
i want to control traffic on specific VLAN. Is Acces-List will be as in routers or differ. Also is explicit deny any any is present by default as in routers or not
Thanks
06-26-2007 06:25 AM
The same rules apply. There's an implicit deny as in routers. Configure the access list just as you would do on the router then apply the access list to the VLAN interface on the switch and that's all you need.
HTH
Sundar
06-26-2007 06:44 AM
You only have to look out what IN and OUT mean on a vlan-interface.
IN means into the router - out of the vlan.
OUT means out of the Router - into the vlan.
Sometimes that's a little bit confusing.
06-26-2007 09:28 PM
Dear
Thanks for reply. I want to tell you that i'm talking about 6500 switch. Is this make difference ?. and please if you know link to discuss this issue in detail please send me
Thanks
06-26-2007 09:32 PM
Hi
As the above poster said think about it like that.for e.g
suppose u have two vlans 2 and 3 and have configured their respective SVI's.
If u want to block the traffic incoming from vlan 2 u need to apply the access-list inbound to vlan2 SVI.
If u want to block the traffic coming from vlan 3 entering into vlan 2 then apply the access-list outbound to vlan 2 SVI.
Thanks
Mahmood
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide