Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

Apply extended access-list to vlan interface on a 6509

interface vlan 29

     ip access-group Inbound in

     ip access-group Outboud out

i have a simple extended acl applied to the vlan29 as above, but it did not work.

It seems the problem is---> the which is my inside network and which is my outside network. On a router, it is easily idenfied, since

they have physical interfaces, in general. Can i apply the above access-list on a Cat 6509 just like the router do?

4 REPLIES
Hall of Fame Super Blue

Re: Apply extended access-list to vlan interface on a 6509

kope@northropgrumman.com

interface vlan 29

     ip access-group Inbound in

     ip access-group Outboud out

i have a simple extended acl applied to the vlan29 as above, but it did not work.

It seems the problem is---> the which is my inside network and which is my outside network. On a router, it is easily idenfied, since

they have physical interfaces, in general. Can i apply the above access-list on a Cat 6509 just like the router do?

An acl applied inbound on a vlan interface filters traffic coming FROM hosts on that vlan.

An acl applied outbound on a vlan interface filters traffic going to hosts on that vlan.

Jon

Cisco are currently donating money to the Haiti earthquake appeal for every rating so please consider rating all helpful posts.

Re: Apply extended access-list to vlan interface on a 6509

interface vlan 29

     ip access-group Inbound in

     ip access-group Outboud out

i have a simple extended acl applied to the vlan29 as above, but it did not work.

It seems the problem is---> the which is my inside network and which is my outside network. On a router, it is easily idenfied, since

they have physical interfaces, in general. Can i apply the above access-list on a Cat 6509 just like the router do?

Hi,

To apply the ACL in SVI or in Physical port you should have understanding of traffic flow in order to deploy the direction of the acl in interface.

As Jon suggested the direction of ACL,check out the below link on ACL understandings also.

http://www.ciscokits.com/pdf-new/All_about_access_control_lists.pdf

Hope to Help !!

Ganesh.H

Cisco are currently donating money to the Haiti earthquake appeal for every rating so please consider rating all helpful posts.

New Member

Apply extended access-list to vlan interface on a 6509

Hi,

can I use reflexive ACL and apply it on a VLAN?

Thank you,

M

On VLAN ACL, the "IN" ACL is

On VLAN ACL, the "IN" ACL is aplied  before routing. So, "IN", at this point, refers to traffic going out of the VLAN.

 

IMAGE

14722
Views
0
Helpful
4
Replies
CreatePlease to create content