cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1142
Views
15
Helpful
3
Replies

vlan access-map commend fails

keesepema
Level 1
Level 1

I am working on a Catalyst 2960 switch in packet tracer at the moment and I'm trying to create a VACL.
My intentention is to block ICMP traffic from PC1 (192.168.10.1) to a server (SERVER1) with ip 192.168.10.100. Both are on vlan 10.

 

What I've done so far:

 

SW1(config)# int f0\0                              #Link to PC1

SW1(config-if)# switchport access lan 10

SW1(config)ip access-list extended BLK_PING

SW1(config-ext-nacl)#permit icmp any any

SW1(config)#vlan access-map BLK_PING

       % Invalid input detected at '^' marker.

If I investigate the command parameters for 'vlan', only the vlan id's can be used as parameter. Nothing else.

 

So I would like to ask what I'm missing...

 

Thanks in advance, Kees

 

 

 

 

 

1 Accepted Solution

Accepted Solutions

Hello

I wouldn’t trust PT at all for any proof of concept as it’s has limited features and is way to flaky as a lab solution - So i wouldn’t be supprised if  as @Georg Pauwen  stated vacl isn’t supported in PT

As for the vacl being supported on a proper 2960 switch - according to cco it seems to be on software 12.2(58)SE1 + 


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

View solution in original post

3 Replies 3

balaji.bandi
Hall of Fame
Hall of Fame

check this and use correct syntax :

 

https://community.cisco.com/t5/switching/vacls-really-not-supported-on-2960x-lan-base/td-p/3078352

 

if still not working can you post show ver ?

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Hello

I wouldn’t trust PT at all for any proof of concept as it’s has limited features and is way to flaky as a lab solution - So i wouldn’t be supprised if  as @Georg Pauwen  stated vacl isn’t supported in PT

As for the vacl being supported on a proper 2960 switch - according to cco it seems to be on software 12.2(58)SE1 + 


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

Hello,

 

as far as I recall, VACLs are not supported in Packet Tracer at all.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco