05-27-2010 01:21 AM - edited 03-06-2019 11:17 AM
There is a feature on Cisco High End Switches (Catalyst 6500/7600) that allows you to "mirror" traffic from a source to a destination using ACLs to further filter out only required traffic i.e. when port bandwidth is restrictive or for security reasons.
http://www.cisco.com/application/pdf/paws/89962/vacl_capture.pdf
I was wondering if this feature could also be achieved on Cisco 4500 or 3750 series switches, perhaps following a different method.
Regards.
05-27-2010 01:49 AM
Hi,
VACL capture works with most of the newer Cisco switches including the 6500, 4500, 4900, 3750E, 3750, 3560E, and the 3560. To find out if your switch supports this feature take a look at the below link for more information.
Hope to Help !!
Ganesh.H
Remember to rate the helpful post
05-27-2010 02:00 AM
Sorry, but I've tried on C3750 to configure VACL and it's not possible. Then I thought that my IOS is old and I tried with Cisco Software Advisory to find an IOS to support VACL. I couldn't find one. When you type VACL, or VLAN ACL or any other combination there is no result.
With C6500, when I have typed VACL in the advisory feature field, the term was recognized immediately.
Are you sure about C3750 supporting VACLs?
05-27-2010 01:50 AM
Hi!
I think you can achieve similar results using the "filter" parameter on SPAN or RSPAN:
sw1-c3750(config)#monitor session 1 filter ?
  ip    Specify IP Access control rules
  mac   Specify MAC Access control rules
  vlan  SPAN filter VLAN
E.g. I have tried on the c3750 a SPAN configuration with one VLAN as the source, and in this VLAN only HTTP traffic to destination X. It worked fine, but I didn't have the time to go into more detailed tests.
Let me know if this helps you.
05-27-2010 02:36 AM
I tried to find this feature (VACL Capture) in Feature Navigator, but it is only listed for Cisco Catalyst 6500/7600.
On the other hand, in the Cisco Catalyst Switch Guide, it says that VACL Capture is also present in the Low End Switches.
Moreover, I came across this article by Network World: http://www.networkworld.com/community/node/33617
which also mentions that it is supported on the Low End.
I tried the commands myself and they do not seem to exist. Again, perhaps it is a software or feature (EI) issue.
I will test further and let you know.
05-27-2010 04:04 AM
Can you confirm the version and model number of the c3750 that the
"monitor destination <1-6> filter ip
Regards.
05-27-2010 04:39 AM
I cannot find that command either, but the filter parameter is related to monitor session and to source or destination:
sw1-c3750(config)#monitor session 1 filter ip access-group ?
  <1-199>      IP access list (standard or extended)
  <1300-2699>  IP expanded access list (standard or extended)
  WORD         Access-list name
on C3750 with c3750-ipservicesk9-mz.122-46.SE.bin
I saw now that on C3750E you have the possibility to support VACL, but not capture with VACL.
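The ACL-filtered SPAN session described in the replies above, written out as an added example (not posted by any participant in this thread). The VLAN number, ACL number, server address 192.0.2.10 and the destination interface are constructed placeholders; the `filter ip access-group` form is the one shown in the help output above.

```cisco-ios
! Constructed example: mirror only HTTP traffic to one server seen in VLAN 10.
! ACL 101 selects which packets are copied to the monitor port (assumed values).
access-list 101 permit tcp any host 192.0.2.10 eq www
!
! Clear any previous definition so no stale sources or filters remain.
no monitor session 1
! rx only: copy traffic as it enters ports in the source VLAN.
monitor session 1 source vlan 10 rx
! Attach the ACL as the session filter (command form from the help output above).
monitor session 1 filter ip access-group 101
! Port where the analyzer or IDS sensor is connected (assumed interface).
monitor session 1 destination interface GigabitEthernet1/0/24
end
!
! Confirm the source, filter and destination were accepted.
show monitor session 1
show access-lists 101
```

If `filter ip` is not offered under `monitor session 1 filter ?`, the switch or its software does not provide this option and the session can only be narrowed by VLAN.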
05-29-2010 08:15 AM
Ok. Thanks.
I could find the commands on some c3570 Gigabit Switches, but not on some older 10/100Mb. That's weird.