C H A P T E R
35-1
Cisco 7600 Series Router Cisco IOS Software Configuration Guide, Release 12.2SX
OL-4266-08
35
Configuring VLAN ACLs
This chapter describes how to configure VLAN ACLs (VACLs) on Cisco 7600 series routers.
Note
•
For complete syntax and usage information for the commands used in this chapter, refer to the
Cisco
IOS Master Command List
, Release 12.2SX at this URL:
http://www.cisco.com/en/US/docs/ios/mcl/122sxmcl/12_2sx_mcl_book.html
•
With a Supervisor Engine 720 and releases earlier than Release 12.2(17d)SXB, VACL capture is
supported only for use with the WS-SVC-IDSM2-K9 Intrusion Detection System Module 2 and the
WS-SVC-NAM-2 and WS-SVC-NAM-1 network analysis modules. This restriction is removed in
Release 12.2(17d)SXB and later releases.
•
OAL and VACL capture are incompatible. Do not configure both features on the router. With OAL
configured (see the
“Optimized ACL Logging with a PFC3” section on page 34-5
), use SPAN to
capture traffic.
This chapter consists of these sections:
•
Understanding VACLs, page 35-1
•
Configuring VACLs, page 35-4
•
Configuring VACL Logging, page 35-11
Tip
For additional information (including configuration examples and troubleshooting information), see the
documents listed on this page:
http://www.cisco.com/en/US/products/hw/routers/ps368/tsd_products_support_series_home.html
Understanding VACLs
These sections describe VACLs:
•
VACL Overview, page 35-2
•
Bridged Packets, page 35-2
•
Routed Packets, page 35-3
•
Multicast Packets, page 35-4