VACL and Switchport Capture

Unanswered Question
Apr 10th, 2008

Hi, we have an IDS sensor (handled by another group) and a Capture Engine (for troubleshooting). We want to monitor separate traffic than the other group. How do we do this using the switchport capture command? If this command is used on multiple ports, won't we hear the traffic the other group is hearing?

smahbub Wed, 04/16/2008 - 09:04

VACLs can provide access control for all packets that are bridged within a VLAN or that are routed into or out of a VLAN or a WAN interface for VACL capture. VACLs are processed in hardware and they use Cisco IOS ACLs. VACLs ignore any Cisco IOS ACL fields that are not supported in hardware.

The command used to configure the capture port is: "switchport capture allowed vlan vlanID"

The link below will be useful in configuring VACL:

http://www.cisco.com/en/US/tech/tk389/tk814/technologies_configuration_example09186a00808122ac.shtml#vacl_config
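
An added example (not part of the post above or of the linked Cisco document) of how two capture ports could be kept apart for the two groups in the question. It assumes Catalyst 6500 Cisco IOS syntax and that each group monitors a different VLAN; the VLAN numbers, ACL and access-map names, interfaces and the 192.0.2.10 host are constructed.

```cisco
! Constructed example: VLAN 10 is watched by the IDS group,
! VLAN 20 by the troubleshooting group. All names and numbers are assumptions.
!
ip access-list extended IDS-TRAFFIC
 permit ip any any
!
ip access-list extended TSHOOT-TRAFFIC
 permit tcp any host 192.0.2.10 eq 443
 permit tcp host 192.0.2.10 eq 443 any
!
! IDS group: forward everything in VLAN 10 and mark it for capture
vlan access-map IDS-CAPTURE 10
 match ip address IDS-TRAFFIC
 action forward capture
!
! Troubleshooting group: capture only the one HTTPS conversation.
! Sequence 20 has no match clause and forwards the remaining traffic;
! without it, IP packets that miss TSHOOT-TRAFFIC would be dropped.
vlan access-map TSHOOT-CAPTURE 10
 match ip address TSHOOT-TRAFFIC
 action forward capture
vlan access-map TSHOOT-CAPTURE 20
 action forward
!
vlan filter IDS-CAPTURE vlan-list 10
vlan filter TSHOOT-CAPTURE vlan-list 20
!
! Each capture port only transmits captured packets from its allowed VLANs
interface GigabitEthernet1/1
 description IDS sensor (other group)
 switchport
 switchport capture
 switchport capture allowed vlan 10
!
interface GigabitEthernet1/2
 description Capture Engine (troubleshooting)
 switchport
 switchport capture
 switchport capture allowed vlan 20
```

The split works at VLAN granularity: two capture ports that allow the same VLAN both receive every packet marked for capture in that VLAN.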
