02-02-2007 08:14 AM - edited 03-05-2019 02:08 PM
Hi,
Is VLAN tagged traffic (dot1q or ISL) that enters a switch tested against a VLAN access map, or is it classed as already being in the VLAN beacuse it is tagged and therefore bypasses the access map
Regards
02-08-2007 12:42 PM
n global configuration mode, use this command to create or modify a VLAN map. This entry changes the mode to VLAN access-map configuration, where you can use the match access-map configuration command to specify the access lists for IP or non-IP traffic to match and use the action command to set whether a match causes the packet to be forwarded or dropped.
In VLAN access map configuration mode, these commands are available:
* action: sets the action to be taken (forward or drop).
* default: sets a command to its defaults
* exit: exits from VLAN access-map configuration mode
* match: sets the values to match (IP address or MAC address).
* no: negates a command or set its defaults
When you do not specify an entry number (sequence number), it is added to the end of the map.
There can be only one VLAN map per VLAN and it is applied as packets are received by a VLAN.
You can use the no vlan access-map name [number] command with a sequence number to delete a single entry.
In global configuration mode, use the vlan filter interface configuration command to apply the map to one or more VLANs.
02-09-2007 01:28 AM
I can read the online docs aswell but I really wanted the question answered
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide