I have a VACL set up to forward/capture certain VLAN traffic to an ART applaicne. However, when I attepmt tp limit or exclude Veritas traffic, it still allows all traffic through. What am I doing wrong?

vlan access-map VACL_MAP 10

match ip address VACL_LIST

action forward capture

vlan access-map VACL_MAP 20

match ip address VACL_LIST_ALL

action forward

vlan filter VACL_MAP vlan-list 101,280-298,501,510,803-804,806,808,813-815,875

ip access-list extended VACL_LIST

3 deny tcp any any eq 9284

4 deny tcp any any eq 13709

5 deny tcp any any eq 13711

10 deny tcp any any range 13701 13702

20 deny tcp any any range 13705 13706

30 deny tcp any any range 13713 13724

40 deny tcp any any range 13782 13784

50 permit ip any any

ip access-list extended VACL_LIST_ALL

10 permit ip any any