In addition to what Reza stated, VLAN ACLs are used for L2 intra-VLAN traffic when you want to block a host from another host in the same VLAN. L3 SVIs use standard ACLs to block inter-VLAN traffic when one host needs to be blocked from another in a different VLAN.
Block host in VLAN 1 from accessing another host in VLAN 1 - Use VACL
Block host in VLAN 1 from accessing another host in VLAN 20 - Use normal ACL on the SVI
OK, is there a specific order in which VACLs need to be configured? Could I essentially make the ip access-lists first, then tie them to the map, then assign the map to the filter for the specific VLAN? This kind of reminds me of route maps.
Also, why do you have to write the rules the way they are for the HTTP_AND_HTTPS ACL? permit tcp any any eq www, but then also have to permit tcp any eq www any?
I have never seen an ACL like that before. Why would permit tcp any any eq www take care of all port 80 traffic in both directions?
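The two cases from the first reply and the ACL, access-map, filter sequence from the question, written out as an added configuration example that is not from any poster in this thread. All host addresses, ACL names and map names are constructed for illustration, and the SVI case uses an extended ACL so that both source and destination can be matched.

```cisco
! --- Case 1: same VLAN (VLAN 1), filtered with a VACL ---
! The ACL only classifies traffic. "permit" here means "match",
! not "allow"; the access-map action decides what happens.
ip access-list extended HOST_A_TO_HOST_B
 permit ip host 10.1.1.10 host 10.1.1.20
 ! A VACL has no direction and keeps no state, so the reverse
 ! flow needs its own mirrored entry if it should match too.
 permit ip host 10.1.1.20 host 10.1.1.10
!
! The access-map references the ACL and sets the action.
vlan access-map VLAN1_MAP 10
 match ip address HOST_A_TO_HOST_B
 action drop
! A final sequence with no match clause forwards everything else.
! Without it, the remaining IP traffic in the VLAN is dropped.
vlan access-map VLAN1_MAP 20
 action forward
!
! The filter binds the map to the VLAN; nothing is enforced
! until this line is entered.
vlan filter VLAN1_MAP vlan-list 1
!
! --- Case 2: different VLANs (VLAN 1 to VLAN 20), ACL on the SVI ---
ip access-list extended V1_HOST_TO_V20_HOST
 deny ip host 10.1.1.10 host 10.20.20.20
 permit ip any any
!
interface Vlan1
 ip access-group V1_HOST_TO_V20_HOST in
```

`show vlan access-map` and `show vlan filter` confirm which map is bound to which VLAN after the change.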