https://community.cisco.com/t5/network-security/idsm2-vacl-configuration/m-p/534390#M98522 <P>We have Cisco 6500 catalyst running on native IOS 12.1(13) and recently purchased a IDSM2 (5.1). I have succesfully tested it to run on promiscous mode, but I having problem on applying a VACL configuration. I want apply VACL so I could have a control on VLAN. I followed the config on the configuration manual on cisco site but still unsuccesfull. Anyone could help me on this? Hope someone could give sample config for this. Thanks</P><P></P><P>Configuration Done: </P><P></P><P>intrusion-detection module 5 data-port 1 capture allowed-vlan 1</P><P>intrusion-detection module 5 data-port 1 capture</P><P>.</P><P>.</P><P>.</P><P>vlan access-map CAPTURE 10</P><P>match ip address MATCH</P><P>action forward capture</P><P>.</P><P>.</P><P>.</P><P>ip access-list extended MATCH</P><P>permit ip any any</P><P></P><P></P><P>cat6500:</P><P>Slot 1 : Sup2/MSFC2</P><P>Slot 3 : 48 Ports / RJ45 </P><P>Slot 5 : IDSM2</P><P></P><P></P><P>note: Port 3/1 - 5 is member of Vlan 1</P><P> - Succeful detecting in Span Port</P><P> - VACL not succesful</P><P></P><P></P><P></P> Sun, 10 Mar 2019 09:59:55 GMT koiflowerhorn 2019-03-10T09:59:55Z https://community.cisco.com/t5/network-security/idsm2-vacl-configuration/m-p/534390#M98522 <P>We have Cisco 6500 catalyst running on native IOS 12.1(13) and recently purchased a IDSM2 (5.1). I have succesfully tested it to run on promiscous mode, but I having problem on applying a VACL configuration. I want apply VACL so I could have a control on VLAN. I followed the config on the configuration manual on cisco site but still unsuccesfull. Anyone could help me on this? Hope someone could give sample config for this. Thanks</P><P></P><P>Configuration Done: </P><P></P><P>intrusion-detection module 5 data-port 1 capture allowed-vlan 1</P><P>intrusion-detection module 5 data-port 1 capture</P><P>.</P><P>.</P><P>.</P><P>vlan access-map CAPTURE 10</P><P>match ip address MATCH</P><P>action forward capture</P><P>.</P><P>.</P><P>.</P><P>ip access-list extended MATCH</P><P>permit ip any any</P><P></P><P></P><P>cat6500:</P><P>Slot 1 : Sup2/MSFC2</P><P>Slot 3 : 48 Ports / RJ45 </P><P>Slot 5 : IDSM2</P><P></P><P></P><P>note: Port 3/1 - 5 is member of Vlan 1</P><P> - Succeful detecting in Span Port</P><P> - VACL not succesful</P><P></P><P></P><P></P> Sun, 10 Mar 2019 09:59:55 GMT https://community.cisco.com/t5/network-security/idsm2-vacl-configuration/m-p/534390#M98522 koiflowerhorn 2019-03-10T09:59:55Z https://community.cisco.com/t5/network-security/idsm2-vacl-configuration/m-p/534391#M98523 <HTML><HEAD></HEAD><BODY><P>can you please show me the config of you Cat 6500 where you are defining the capturing ports and also where you are applying the filter CAPTURE to VLAN 1.. NOTE: IDSM2 uses ports 7 and 8 on the respective module ..</P><P></P><P></P><P></P><P></P></BODY></HTML> Wed, 03 May 2006 01:57:29 GMT https://community.cisco.com/t5/network-security/idsm2-vacl-configuration/m-p/534391#M98523 Fernando_Meza 2006-05-03T01:57:29Z https://community.cisco.com/t5/network-security/idsm2-vacl-configuration/m-p/534392#M98524 <HTML><HEAD></HEAD><BODY><P>Hi Fernando,</P><P></P><P> Above is the exact configuration I used. Plus ports 3/1 &amp; 3/2 of as switcport access.</P><P></P><P>Thanks,</P><P></P><P></P></BODY></HTML> Wed, 03 May 2006 05:31:12 GMT https://community.cisco.com/t5/network-security/idsm2-vacl-configuration/m-p/534392#M98524 koiflowerhorn 2006-05-03T05:31:12Z https://community.cisco.com/t5/network-security/idsm2-vacl-configuration/m-p/534393#M98525 <HTML><HEAD></HEAD><BODY><P>Add the following to have the VLAN access-map only look at traffic on VLAN 1.</P><P></P><P>vlan filter CAPTURE vlan-list 1</P><P></P><P></P><P></P><P></P></BODY></HTML> Thu, 04 May 2006 01:34:22 GMT https://community.cisco.com/t5/network-security/idsm2-vacl-configuration/m-p/534393#M98525 DanielSpeck 2006-05-04T01:34:22Z