04-01-2010 01:02 PM - edited 03-06-2019 10:25 AM
interface vlan 29
ip access-group Inbound in
ip access-group Outboud out
i have a simple extended acl applied to the vlan29 as above, but it did not work.
It seems the problem is---> the which is my inside network and which is my outside network. On a router, it is easily idenfied, since
they have physical interfaces, in general. Can i apply the above access-list on a Cat 6509 just like the router do?
04-01-2010 01:07 PM
interface vlan 29
ip access-group Inbound in
ip access-group Outboud out
i have a simple extended acl applied to the vlan29 as above, but it did not work.
It seems the problem is---> the which is my inside network and which is my outside network. On a router, it is easily idenfied, since
they have physical interfaces, in general. Can i apply the above access-list on a Cat 6509 just like the router do?
An acl applied inbound on a vlan interface filters traffic coming FROM hosts on that vlan.
An acl applied outbound on a vlan interface filters traffic going to hosts on that vlan.
Jon
Cisco are currently donating money to the Haiti earthquake appeal for every rating so please consider rating all helpful posts.
04-02-2010 06:26 AM
interface vlan 29
ip access-group Inbound in
ip access-group Outboud out
i have a simple extended acl applied to the vlan29 as above, but it did not work.
It seems the problem is---> the which is my inside network and which is my outside network. On a router, it is easily idenfied, since
they have physical interfaces, in general. Can i apply the above access-list on a Cat 6509 just like the router do?
Hi,
To apply the ACL in SVI or in Physical port you should have understanding of traffic flow in order to deploy the direction of the acl in interface.
As Jon suggested the direction of ACL,check out the below link on ACL understandings also.
http://www.ciscokits.com/pdf-new/All_about_access_control_lists.pdf
Hope to Help !!
Ganesh.H
Cisco are currently donating money to the Haiti earthquake appeal for every rating so please consider rating all helpful posts.
10-29-2013 01:50 AM
Hi,
can I use reflexive ACL and apply it on a VLAN?
Thank you,
M
10-01-2014 08:41 PM
On VLAN ACL, the "IN" ACL is aplied before routing. So, "IN", at this point, refers to traffic going out of the VLAN.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: