cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
349
Views
0
Helpful
4
Replies

Access-List on VLAN interfaces issue

seegomaa
Level 1
Level 1

Dears

i want to control traffic on specific VLAN. Is Acces-List will be as in routers or differ. Also is explicit deny any any is present by default as in routers or not

Thanks

4 Replies 4

The same rules apply. There's an implicit deny as in routers. Configure the access list just as you would do on the router then apply the access list to the VLAN interface on the switch and that's all you need.

HTH

Sundar

rolf.fischer_2
Level 1
Level 1

You only have to look out what IN and OUT mean on a vlan-interface.

IN means into the router - out of the vlan.

OUT means out of the Router - into the vlan.

Sometimes that's a little bit confusing.

Dear

Thanks for reply. I want to tell you that i'm talking about 6500 switch. Is this make difference ?. and please if you know link to discuss this issue in detail please send me

Thanks

Hi

As the above poster said think about it like that.for e.g

suppose u have two vlans 2 and 3 and have configured their respective SVI's.

If u want to block the traffic incoming from vlan 2 u need to apply the access-list inbound to vlan2 SVI.

If u want to block the traffic coming from vlan 3 entering into vlan 2 then apply the access-list outbound to vlan 2 SVI.

Thanks

Mahmood

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco