Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
767
Views
0
Helpful
1
Replies

VACL configuration

cflory
Level 1
Level 1

‎10-13-2003 01:58 PM - edited ‎03-02-2019 10:58 AM

Trying to setup VACL to output data on multiple VLANs to one capture port. I have 3 VLANs as part of my security ACL, and have a FreeBSD box off of that trunked capture port trunking all 3 of those VLANs. The access-list for the security ACL is 'permit ip any any'.

The problem is that I only see traffic one way for one VLAN to the other. I see multicast/broadcast traffic from all 3 VLANs with the correct 'tag' information. However, I cannot see bidirectional traffic.

So, two questions:

1. What am I missing?

2. Why do I not see anything in the 'show security acl log flow ip any any'? (Shows nothing listed, just '0')

Thanks!

Labels:
0 Helpful
1 Reply 1

cflory
Level 1
Level 1

‎10-14-2003 06:48 AM

Nevermind...the problem seemed to be that I did not have all VLAN interfaces up on the FreeBSD box (so they weren't part of the trunk), and the other issue was related to the VACL only logging hits on the ACL for 'deny' rules. I don't understand why I can't log permits, but who knows. I am on 7.4.2 of the 6500 CatOS.

Seeing traffic now, so that's good. :)

0 Helpful
Customers Also Viewed These Support Documents

Review Cisco Networking for a $25 gift card