Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Access-List on VLAN interfaces issue

Dears

i want to control traffic on specific VLAN. Is Acces-List will be as in routers or differ. Also is explicit deny any any is present by default as in routers or not

Thanks

4 REPLIES

Re: Access-List on VLAN interfaces issue

The same rules apply. There's an implicit deny as in routers. Configure the access list just as you would do on the router then apply the access list to the VLAN interface on the switch and that's all you need.

HTH

Sundar

New Member

Re: Access-List on VLAN interfaces issue

You only have to look out what IN and OUT mean on a vlan-interface.

IN means into the router - out of the vlan.

OUT means out of the Router - into the vlan.

Sometimes that's a little bit confusing.

New Member

Re: Access-List on VLAN interfaces issue

Dear

Thanks for reply. I want to tell you that i'm talking about 6500 switch. Is this make difference ?. and please if you know link to discuss this issue in detail please send me

Thanks

Re: Access-List on VLAN interfaces issue

Hi

As the above poster said think about it like that.for e.g

suppose u have two vlans 2 and 3 and have configured their respective SVI's.

If u want to block the traffic incoming from vlan 2 u need to apply the access-list inbound to vlan2 SVI.

If u want to block the traffic coming from vlan 3 entering into vlan 2 then apply the access-list outbound to vlan 2 SVI.

Thanks

Mahmood

125
Views
0
Helpful
4
Replies