
Yusuf Bhaiji

"Network Security Technologies and Solutions"


4. Configure an action clause in a VLAN access map sequence.
5. Apply the VLAN access map to the specified VLANs.
6. Display VLAN access map information.
Example 4-6 shows how to define and apply a VACL that drops packets from network 192.168.1.0/24 (matched by access list 1) and forwards all other packets (matched by access list 2). The VACL is applied to VLANs 5 through 10.
Example 4-6. VACL Configuration Example
Switch(config)#access-list 1 permit 192.168.1.0 0.0.0.255
Switch(config)#access-list 2 permit any
Switch(config)#vlan access-map mymap 10
Switch(config-access-map)#match ip address 1
Switch(config-access-map)#action drop
Switch(config-access-map)#exit
Switch(config)#vlan access-map mymap 20
Switch(config-access-map)#match ip address 2
Switch(config-access-map)#action forward
Switch(config-access-map)#exit
Switch(config)#vlan filter mymap vlan-list 5-10
Switch(config)#end
Switch# show vlan access-map
Vlan access-map "mymap" 10
  Match clauses:
    ip address: 1
  Action:
    drop
Vlan access-map "mymap" 20
  Match clauses:
    ip address: 2
  Action:
    Forward
Switch# show vlan filter
VLAN Map mymap is filtering VLANs:
  5-10
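
The following Python sketch is an added example, not taken from the book: it parses the configuration lines of Example 4-6 and evaluates a packet's VLAN and source address against the map, to show sequence ordering, wildcard-mask matching, and the scope set by vlan filter. The function names (parse, acl_permits, verdict) are hypothetical, and the final fall-through drop is an assumption about platform default behavior that the configuration on this page never reaches.

```python
import ipaddress
# Configuration lines from Example 4-6, with the CLI prompts stripped.
CONFIG = """\
access-list 1 permit 192.168.1.0 0.0.0.255
access-list 2 permit any
vlan access-map mymap 10
match ip address 1
action drop
vlan access-map mymap 20
match ip address 2
action forward
vlan filter mymap vlan-list 5-10
"""

def to_int(addr):
    return int(ipaddress.ip_address(addr))

def parse(config):  # handles only the syntax used in Example 4-6 (standard ACLs, one map)
    acls, seqs, vlans, cur = {}, {}, set(), None
    for t in (line.split() for line in config.splitlines() if line.strip()):
        if t[0] == "access-list":  # access-list <n> <permit|deny> <any | net [wildcard]>
            net, wild = ("0.0.0.0", "255.255.255.255") if t[3] == "any" else (t[3], t[4] if len(t) > 4 else "0.0.0.0")
            acls.setdefault(t[1], []).append((t[2], to_int(net), to_int(wild)))
        elif t[:2] == ["vlan", "access-map"]:
            cur = seqs.setdefault(int(t[3]), {})
        elif t[:3] == ["match", "ip", "address"]:
            cur["acl"] = t[3]
        elif t[0] == "action":
            cur["action"] = t[1]
        elif t[:2] == ["vlan", "filter"]:
            for part in t[4].split(","):
                lo, _, hi = part.partition("-")
                vlans.update(range(int(lo), int(hi or lo) + 1))
    return acls, seqs, vlans

def acl_permits(acl, src):
    for action, net, wild in acl:
        if (src | wild) == (net | wild):  # wildcard bits set to 1 are ignored
            return action == "permit"
    return False  # implicit deny at the end of every ACL

def verdict(config, vlan, src_ip):  # returns 'forward', 'drop', or 'not filtered'
    acls, seqs, vlans = parse(config)
    if vlan not in vlans:
        return "not filtered"  # the map applies only to VLANs named in `vlan filter`
    for seq in sorted(seqs):  # lowest sequence number is evaluated first
        if acl_permits(acls[seqs[seq]["acl"]], to_int(src_ip)):
            return seqs[seq]["action"]
    return "drop"  # assumption: unmatched IP traffic is dropped by default
```

Renumbering the drop sequence so that it follows the permit-any sequence makes the drop clause unreachable, which is the ordering mistake to check for when reviewing a VACL.
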

MAC ACL
A MAC ACL, also known as an Ethernet ACL, can filter non-IP traffic on a VLAN and on a physical Layer 2 interface by using MAC addresses in a named MAC extended ACL.

