Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

vlan access-lists

Hi !

We are having 6509 as coreswitch and 3550s as distributed switches and I wanted to restrict access to management vlan leaving few machines in the management vlan.

I could not understand properly vlan access lists that are explained in cisco docs. Can somebody post handful examples of vacls to block traffic to a particular vlan from other vlans(they should not be able to sniff the mngmnt traffic) and then leaving NMS and servers that are in management vlan(so that nms can collect stats).

Thanks in advance for sparing your valuable time.


Re: vlan access-lists

Don't think you need vlan acl's . Just create the access list statements you need to block the traffic you want and you just apply that ACL to the layer 3 SVI (interface vlan XX) . If you have servers in that mgt. vlan that will make it a lot more difficult and you will have to get real specific on what address you want to let get to the vlan and servers which will make list somewhat more complex .

CreatePlease login to create content