Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
861
Views
10
Helpful
3
Replies

VACL on 3650 Missing Command

Ironpudge
Level 1
Level 1

‎04-26-2021 07:39 AM

Hello.  I have a Catalyst 3650 Lan Base with Gibraltar 16.12 installed.  Per their configuration guide, https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3650/software/release/16-12/configuration_guide/sec/b_1612_sec_3650_cg/configuring_ipv4_acls.html I should be able to enable a VACL using the command vlan access-map.  When I attempt to use this command, it shows as unrecognized.  If I do vlan ?, I only show accounting, configuration, dot1q, and group.  No access-map option.  I checked the command reference and the feature list, and all show it should be there.  Any thoughts or suggestions?  Thank you.Switching, Catalyst 3000

Labels:
0 Helpful
3 Replies 3

balaji.bandi
Hall of Fame
Hall of Fame

‎04-26-2021 07:51 AM

is this real gear ? can you post show version ?

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

Ironpudge
Level 1
Level 1
In response to balaji.bandi

‎04-26-2021 08:02 AM

Yes, this is physical hardware we have running.  I believe it may be because it is lanbase and not ipbase.  Although if I go to https://cfnng.cisco.com/archived-data and choose my device, IOS XE version, and license of lanbase, it says VACL's are supported.

 

1840  VLAN Access Control List (VACL)

 

Also, as I listed in the Security Guide above, it doesn't mention anything about it not being supported.  But doing some additional searching I found https://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3650/software/release/16-1/configuration_guide/b_161_consolidated_3650_cg/b_161_consolidated_3650_cg_chapter_01000001.html

 

It has listed in it:

 

This section lists the prerequisites for configuring network security with access control lists (ACLs).

On switches running the LAN base feature set, VLAN maps are not supported.

 

So I assume that is why.

paul driver
VIP
VIP
In response to Ironpudge

‎04-26-2021 08:28 AM

Hello
whats the current running  sdm template 

show sdm prefer

 


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul
Customers Also Viewed These Support Documents