Showing posts with label VACL. Show all posts
Showing posts with label VACL. Show all posts

Thursday, 20 July 2023

What is VLAN Access List? How to configure VACL?

 

VLAN Access List

VLAN ACL Is very useful when we want to filter traffic within the VLAN. When we configure VACL on the switch, all the packets entering the VLAN are checked against the VLAN access list. In VACL you cannot define the direction like router ACL. A VACL can either drop a matching packet, forward it, or redirect it to another interface. Notice that the VACL is applied globally to one or more VLANs listed and not to a VLAN interface switch virtual interface (SVI).

How to proceed

  • 1.      Configure ACL standard or extended as per your requirement for VACL.
  • 2.      Configure a VLAN access map for matching the IP hosts
  • 3.      Configure the action forward or drop
  • 4.      Apply the VACL map to the VLAN.
  • 5.      Verify the VACL map information.

 https://youtube.com/@internetworkss

 Topology: -



  • configure IP addresses on PCs as per the topology
  • configure the default gateway as per the topology
  • configure inter-VLAN- routing SVI
  • configure IP address 10.1.1.1 on VLAN 10
  • configure IP address 20.1.1.1 on VLAN 20
  • at this point make sure all four PCs can ping each other 
  • configure ACL 10 
  • configure VACL make sure PC1 cannot communicate with any VLAN 20 PC
Read more »
By at 1 comment:
Labels:
Subscribe to: Posts (Atom)

What is BGP Allowas-in Feature? How to configure BGP Allowas-in? GNS3

  BGP Allowas-in is a configuration option in Border Gateway Protocol (BGP) routing that allows a router to accept routes with its own AS (A...