Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
650
Views
0
Helpful
4
Replies

VLAN interface and access-list

paulo.roque
Level 1
Level 1

‎05-23-2003 02:06 PM - edited ‎03-02-2019 07:36 AM

What does a access-list do when applied to an VLAN interface? It filter all traffic to or from any interface that belongs to that VLAN?

access-list 101 permit icmp any any echo

access-list 101 permit icmp any any echo-reply

!

interface VLAN10

ip access-group 101 out

Labels:
0 Helpful
4 Replies 4

t.baranski
Level 4
Level 4

‎05-24-2003 05:36 PM

It filters *routed* traffic to or from an interface in the VLAN; e.g., traffic to or from other VLANs.

0 Helpful

Bradley Littlejohn
Cisco Employee
Cisco Employee
In response to t.baranski

‎05-25-2003 05:56 PM

This access is applied out bound. So, it is going to be affecting traffic going to hosts in vlan 10. But, hosts in vlan 10 have nothing applied to them coming in. Remember, your reference point of in and out ,is "if -you -were- sitting -inside -the -router".

0 Helpful

rmv72
Level 1
Level 1
In response to Bradley Littlejohn

‎05-26-2003 10:53 AM

Can you explain "if -you -were- sitting -inside -the -router"? From which side i must imagine VLAN 10?

0 Helpful

t.baranski
Level 4
Level 4
In response to rmv72

‎05-27-2003 03:35 PM

You just have to think of it as any other interface. It sounds intuitive but it really confused me at first -- I couldn't figure out for the life of me why my access lists weren't working.

Packets from VLAN 10 are going *in* the VLAN 10 interface; packets to VLAN 10 are going *out* the VLAN 10 interface.

0 Helpful
Customers Also Viewed These Support Documents