Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation

Who Me Too'd this topic

VACL

rakeshvelagala
Level 3
Level 3

‎10-29-2015 06:06 PM - edited ‎03-08-2019 02:30 AM

Dear All,

Please advise on the below.

Say in vlan 3 i have hosts 10.1.1.1 and 10.1.1.2. I have applied the vlan filter as below. According to the Cisco DOC for VACL, even if there is a deny for the host, it will still check the next sequence and if there is a permit any time below for those IP, it will still allow th traffic. Can someone please advise if my understanding is correct?

So can the two hosts communicate with each other?

vlan access-map testing 10

match ip address testing
action forward

vlan filter test vlan-list 3

And my Access list is as below 

ip access-list extended testing

deny ip any any

permit ip any any

Thanks

1 person had this problem
Labels:
0 Helpful
Who Me Too'd this topic