Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

ACL on Vlan interface

I am trying to apply an acl on my vlan interfaces that would allow the vlan to initiate tcp traffic. When I apply it I am unable to surf the web from the vlan but I can tftp from the vlan .

3 REPLIES
Cisco Employee

Re: ACL on Vlan interface

This is normal behavior. The first packet coming from the station on the VLAN would not be considered as established.

On the other hand, the established keyword could be configured on an outbound ACL applied to the same VLAN. This would only allow TCP traffic initiated from the VLAN to reenter that same VLAN.

Hope this helps,

Harold Ritter
Sr. Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México
Community Member

Re: ACL on Vlan interface

Got it! Thanks! this pointed me in the right direction and I was able to ge the acl like I wanted thanks!

Silver

Re: ACL on Vlan interface

pwallace,

Please help the NetPro community by rating Harold's extrememly helpful post.

Thanks. :)

132
Views
5
Helpful
3
Replies
CreatePlease to create content