Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

vlanaccess-list

Hello!

Plz Experts;convert these entry to a simple Vlan-access-list instead of whole lines

10xs

ip access-list extended ACL-ACL

permit tcp 192.168.128.0 0.0.127.255 10.10.100.0 0.0.0.255 eq 80

permit tcp 192.168.64.0 0.0.63.255 10.10.100.0 0.0.0.255 eq 80

permit tcp 192.168.32.0 0.0.31.255 10.10.100.0 0.0.0.255 eq 80

permit tcp 192.168.16.0 0.0.15.255 10.10.100.0 0.0.0.255 eq 80

permit tcp 192.168.12.0 0.0.3.255 10.10.100.0 0.0.0.255 eq 80

permit tcp 192.168.11.0 0.0.0.255 10.10.100.0 0.0.0.255 eq 80

permit tcp 192.168.8.0 0.0.1.255 10.10.100.0 0.0.0.255 eq 80

permit tcp 192.168.0.0 0.0.7.255 10.10.100.0 0.0.0.255 eq 80

permit ip 192.168.0.0 0.0.255.255 10.10.100.0 0.0.0.255

5 REPLIES
Hall of Fame Super Bronze

Re: vlanaccess-list

New Member

Re: vlanaccess-list

Hello Edison1

i mean via this config:

ip access-list Standard ACL-1

permit 192.168.0.0 0.0.255.255

vlan-access map Fliter 10 ????????

??????????? and so on.i dont know what next?????????????

and the vlan should be applied on it vlan 199

10xs Edusson

Hall of Fame Super Bronze

Re: vlanaccess-list

Understood, you want to configure a VACL.

From the ACL you have, just do:

vlan-access map ALI

match ip address ACL-ACL

action forward

vlan filter ALI vlan-list 199

For more information see:

http://www.cisco.com/univercd/cc/td/doc/product/lan/cat3560/12240se/scg/swacl.htm#wp1600210

New Member

Re: vlanaccess-list

hi Edisson

i guess we need here an Action Drop and do we need to mention the eq 80 with the defined vlan access-list

10xs

Hall of Fame Super Bronze

Re: vlanaccess-list

I don't see any deny statement in your ACL. Whatever is not in the ACL will be dropped.

It's an implicit denied.

134
Views
5
Helpful
5
Replies