Displaying Vlan Access Map Information; Using Vlan Maps With Router Acls - Cisco 4500M Software Manual

Chapter 35 Configuring Network Security with ACLs

Displaying VLAN Access Map Information

To display information about VLAN access maps or VLAN filters, perform one of these tasks.
Command
Switch# show vlan access-map [ mapname ]
Switch# show vlan filter [access-map name |
vlan vlan-id ]
This is a sample output of the show vlan access-map command:
Switch# show vlan access-map
Vlan access-map "map_1" 10
Match clauses:
Action:
Vlan access-map "map_1" 20
Match clauses:
Action:
Vlan access-map "map_1" 30
Match clauses:
Action:
Sequence 30 does not have a match clause. All packets (IP as well as non-IP) will be matched against it
Note
and dropped.
This is a sample output of the show vlan filter command:
Switch# show vlan filter
VLAN Map map_1 is filtering VLANs:
20-22

Using VLAN Maps with Router ACLs

If the VLAN map has a match clause for a packet type (IP or MAC) and the packet does not match the
type, the default is to drop the packet. If there is no match clause in the VLAN map, and no action is
specified, the packet is forwarded if it does not match any VLAN map entry.
You cannot combine VLAN maps or input router ACLs with port ACLs on a switch.
Note
OL-6696-01
ip address: ip1
drop
mac address: mac1
forward
drop
Purpose
Show information about all VLAN access-maps or the
specified access map.
Show information about all VLAN filters or about a specified
VLAN or VLAN access map.
Software Configuration Guide—Release 12.2(25)EW
Displaying VLAN Access Map Information
35-19