VLAN filtering not working as expected

Unanswered Question

I am trying to kill off some NETBIOS traffic within a VLAN with a VLAN filter map so it dosn't keep filling up my logs when it fails against the inbound ACL on the VLAN interface but it is not working as I expect it to (and my other VLAN filter maps are).

I am working with VLAN 4, so I have:

interface Vlan4

description Console and Management Traffic

ip address

ip access-group Console_NetIn in

ip access-group Console_NetOut out


My IP Access-list:

Extended IP access list NetBiosMap

10 permit udp host host range 127 128

20 permit udp host eq 127 any

30 permit udp host eq 128 any

My Vlan Access-map:

vlan access-map Filter_VL4 10

action drop

match ip address NetBiosMap

vlan access-map Filter_VL4 20

action forward


vlan filter Filter_VL4 vlan-list 4


VLAN Map Filter_VL4 is filtering VLANs:


--------------- but -----------

I keep getting:

Feb 4 13:56:34: %SEC-6-IPACCESSLOGP: list Console_NetIn denied udp ->, 1 packet

ARGH! Help?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Giuseppe Larosa Wed, 02/04/2009 - 12:14
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member


This Discussion