Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

VACL and Switchport Capture

Hi we have and IDS sensor (handled by another group) and a Capture Engine (for troubleshooting)we want to monitor separate traffic than the other group. How do we do this using the switchport capture command? If this command is used on multple ports won't we hear the traffic the other group is hearing?

1 REPLY
Silver

Re: VACL and Switchport Capture

VACLs can provide access control for all packets that are bridged within a VLAN or that are routed into or out of a VLAN or a WAN interface for VACL capture.VACLs are processed in hardware and they use Cisco IOS ACLs.VACLs ignore any Cisco IOS ACL fields that are not supported in hardware.

Command used to configure the capture port is:: "switchport capture allowed vlan vlanID"

The link below will be useful in configuring VACL:

http://www.cisco.com/en/US/tech/tk389/tk814/technologies_configuration_example09186a00808122ac.shtml#vacl_config

714
Views
0
Helpful
1
Replies