01-09-2021 02:30 AM
I am working on a Catalyst 2960 switch in packet tracer at the moment and I'm trying to create a VACL.
My intentention is to block ICMP traffic from PC1 (192.168.10.1) to a server (SERVER1) with ip 192.168.10.100. Both are on vlan 10.
What I've done so far:
SW1(config)# int f0\0 #Link to PC1
SW1(config-if)# switchport access lan 10
SW1(config)ip access-list extended BLK_PING
SW1(config-ext-nacl)#permit icmp any any
SW1(config)#vlan access-map BLK_PING
% Invalid input detected at '^' marker.
If I investigate the command parameters for 'vlan', only the vlan id's can be used as parameter. Nothing else.
So I would like to ask what I'm missing...
Thanks in advance, Kees
Solved! Go to Solution.
01-09-2021 04:20 AM
Hello
I wouldn’t trust PT at all for any proof of concept as it’s has limited features and is way to flaky as a lab solution - So i wouldn’t be supprised if as @Georg Pauwen stated vacl isn’t supported in PT
As for the vacl being supported on a proper 2960 switch - according to cco it seems to be on software 12.2(58)SE1 +
01-09-2021 02:44 AM
check this and use correct syntax :
https://community.cisco.com/t5/switching/vacls-really-not-supported-on-2960x-lan-base/td-p/3078352
if still not working can you post show ver ?
01-09-2021 04:20 AM
Hello
I wouldn’t trust PT at all for any proof of concept as it’s has limited features and is way to flaky as a lab solution - So i wouldn’t be supprised if as @Georg Pauwen stated vacl isn’t supported in PT
As for the vacl being supported on a proper 2960 switch - according to cco it seems to be on software 12.2(58)SE1 +
01-09-2021 03:37 AM
Hello,
as far as I recall, VACLs are not supported in Packet Tracer at all.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: