I want to block some TCP ports in LAN network.I can do it by using access list on VLAN interface.This requires addition and delection of TCP ports from each interface access list. This consume time and is difficult for management.
Is there better way to block TCP port?
Which can be applied on all traffic in LAN?
Thanks in Advance
VACLs can provide access control for all packets that are bridged within a VLAN or that are routed into or out of a VLAN or a WAN interface for VACL capture. Unlike regular Cisco IOS standard or extended ACLs that are configured on router interfaces only and are applied on routed packets only, VACLs apply to all packets and can be applied to any VLAN or WAN interface.