Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Ip access list for L2 interface

Simple question:

Is it possible to apply an ip access list to a Layer2 switchport configured as a trunk?

1 ACCEPTED SOLUTION

Accepted Solutions
Bronze

Re: Ip access list for L2 interface

I haven't done this but here is what i found:

"When applied to a trunk port, the ACL filters traffic on all VLANs present on the trunk port. When applied to a port with voice VLAN, the ACL filters traffic on both data and voice VLANs."

http://www.ciscopress.com/articles/article.asp?p=1181682&seqNum=4

5 REPLIES
New Member

Re: Ip access list for L2 interface

Guys, its urgent, please..))

Bronze

Re: Ip access list for L2 interface

Hello,

You can use VACLs. The basic syntax is "vlan access-map" or check

http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/ios/12.2SXF/native/configuration/guide/vacl.html

Bronze

Re: Ip access list for L2 interface

I haven't done this but here is what i found:

"When applied to a trunk port, the ACL filters traffic on all VLANs present on the trunk port. When applied to a port with voice VLAN, the ACL filters traffic on both data and voice VLANs."

http://www.ciscopress.com/articles/article.asp?p=1181682&seqNum=4

New Member

Re: Ip access list for L2 interface

Thank you!

Another question: is it possible to apply a policy-map configured with ACL to a trunk port?

New Member

Re: Ip access list for L2 interface

This is what I found:

Unlike regular Cisco IOS standard or extended ACLs that are configured on router interfaces only and are applied on routed packets only, VACLs apply to all packets and can be applied to any VLAN or WAN interface.

It seems it doesnt to right with

"When applied to a trunk port, the ACL filters traffic on all VLANs present on the trunk port. When applied to a port with voice VLAN, the ACL filters traffic on both data and voice VLANs."

685
Views
0
Helpful
5
Replies
CreatePlease login to create content