I have just set up a VACL capture on a 6509. I am able to see IP traffic on the VLAN but am unable to see any ICMP traffic. Three questions.
1. If I want to make changes to a VACL that is capturing, do I need to somehow reset or reload the VACL in memory before the changes take effect? I ask this because I did not have a "permit icmp any any" in the VACL at first but then added it, which did not start capturing ICMP.
2. Is a VACL just simply unable to capture ICMP?
3. For VACL capture to work, does that VLAN's SVI need to live on the switch that is capturing? In other words, could I capture on a VLAN that uses its default gateway in a FWSM?
Thanks for all your help guys. I have spent a fair amount of time digging for these answers and was hoping somebody could help me out!