Blocking TCP port in 6509

Answered Question
Aug 13th, 2007
User Badges:

Hi,


I want to block some TCP ports in LAN network.I can do it by using access list on VLAN interface.This requires addition and delection of TCP ports from each interface access list. This consume time and is difficult for management.


Is there better way to block TCP port?

Which can be applied on all traffic in LAN?


Thanks in Advance


Correct Answer by hadbou about 9 years 7 months ago

VACLs can provide access control for all packets that are bridged within a VLAN or that are routed into or out of a VLAN or a WAN interface for VACL capture. Unlike regular Cisco IOS standard or extended ACLs that are configured on router interfaces only and are applied on routed packets only, VACLs apply to all packets and can be applied to any VLAN or WAN interface.


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4 (1 ratings)
Loading.
Correct Answer
hadbou Mon, 08/20/2007 - 08:29
User Badges:
  • Bronze, 100 points or more

VACLs can provide access control for all packets that are bridged within a VLAN or that are routed into or out of a VLAN or a WAN interface for VACL capture. Unlike regular Cisco IOS standard or extended ACLs that are configured on router interfaces only and are applied on routed packets only, VACLs apply to all packets and can be applied to any VLAN or WAN interface.


Actions

This Discussion