VACL and Switchport Capture

Unanswered Question
Apr 10th, 2008

Hi, we have an IDS sensor (handled by another group) and a Capture Engine (for troubleshooting). We want to monitor separate traffic than the other group. How do we do this using the switchport capture command? If this command is used on multiple ports, won't we hear the traffic the other group is hearing?

smahbub Wed, 04/16/2008 - 09:04

VACLs can provide access control for all packets that are bridged within a VLAN or that are routed into or out of a VLAN or a WAN interface for VACL capture. VACLs are processed in hardware and they use Cisco IOS ACLs. VACLs ignore any Cisco IOS ACL fields that are not supported in hardware.

The command used to configure the capture port is: "switchport capture allowed vlan vlanID"

The link below will be useful in configuring VACL:


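The setup asked about above, sketched as an added configuration example that is not from the thread or from Cisco documentation. It assumes Catalyst 6500-style IOS VACL syntax; the VLAN numbers (10, 20), ACL and access-map names, and interface names are constructed placeholders.

```cisco
! Constructed example: the IDS group watches VLAN 10, the troubleshooting
! capture engine watches VLAN 20. All names and numbers are placeholders.

ip access-list extended ALL-IP
 permit ip any any
ip access-list extended TSHOOT-TRAFFIC
 permit tcp any any eq 443

! VLAN 10: forward all IP traffic and flag it for capture.
vlan access-map IDS-CAPTURE 10
 match ip address ALL-IP
 action forward capture

! VLAN 20: flag only the traffic of interest for capture.
vlan access-map TSHOOT-CAPTURE 10
 match ip address TSHOOT-TRAFFIC
 action forward capture
! Without this second sequence, IP packets that miss TSHOOT-TRAFFIC
! would hit the access map's implicit deny and be dropped.
vlan access-map TSHOOT-CAPTURE 20
 match ip address ALL-IP
 action forward

vlan filter IDS-CAPTURE vlan-list 10
vlan filter TSHOOT-CAPTURE vlan-list 20

! IDS sensor port: receives capture-flagged packets from VLAN 10 only.
interface GigabitEthernet1/1
 switchport
 switchport capture allowed vlan 10
 switchport capture

! Capture engine port: receives capture-flagged packets from VLAN 20 only.
interface GigabitEthernet1/2
 switchport
 switchport capture allowed vlan 20
 switchport capture
```

The separation here is per VLAN: if both capture ports allow the same VLAN, both receive the same capture-flagged packets from it, so each port's allowed VLAN list should name only the VLANs that group is meant to see.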