Configuring An Action Clause In A Vlan Access Map Sequence - Cisco 7604 Configuration Manual
Ios software configuration guide
Hide thumbs
Also See for 7604:
- Configuration manual (742 pages) ,
- Installation manual (324 pages) ,
- User manual (98 pages)
Table of Contents
Advertisement
Chapter 35
Configuring VLAN ACLs
Configuring an Action Clause in a VLAN Access Map Sequence
To configure an action clause in a VLAN access map sequence, perform this task:
Command
Router(config-access-map)# action {drop [log]} |
{forward [capture]} | {redirect {{ethernet |
fastethernet | gigabitethernet | tengigabitethernet}
slot / port } | {port-channel channel_id }}
Router(config-access-map)# no action {drop [log]} |
{forward [capture]} | {redirect {{ethernet |
fastethernet | gigabitethernet | tengigabitethernet}
slot / port } | {port-channel channel_id }}
When configuring an action clause in a VLAN access map sequence, note the following information:
•
•
•
•
•
•
•
•
•
•
•
•
See the
OL-4266-08
You can set the action to drop, forward, forward capture, or redirect packets.
VACLs applied to WAN interfaces support only the forward capture action. VACLs applied to WAN
interfaces do not support the drop, forward, or redirect actions.
Forwarded packets are still subject to any configured Cisco IOS security ACLs.
The capture action sets the capture bit for the forwarded packets so that ports with the capture
function enabled can receive the packets. Only forwarded packets can be captured. For more
information about the capture action, see the
VACLs applied to WAN interfaces do not support the log action.
When the log action is specified, dropped packets are logged in software. Only dropped IP packets
can be logged.
The redirect action allows you to specify up to five interfaces, which can be physical interfaces or
EtherChannels. You cannot specify packets to be redirected to an EtherChannel member or a VLAN
interface.
The redirect interface must be in the VLAN for which the VACL access map is configured.
With a PFC3, if a VACL is redirecting traffic to an egress SPAN source port, SPAN does not copy
the VACL-redirected traffic.
With a PFC2, if a VACL is redirecting traffic to an egress SPAN source port, SPAN copies the
VACL-redirected traffic.
SPAN and RSPAN destination ports transmit VACL-redirected traffic.
Use the no keyword to remove an action clause or specified redirect interfaces.
"VLAN Access Map Configuration and Verification Examples" section on page
Cisco 7600 Series Router Cisco IOS Software Configuration Guide, Release 12.2SX
Purpose
Configures the action clause in a VLAN access map
sequence.
Deletes the action clause in from the VLAN access map
sequence.
"Configuring a Capture Port" section on page
Configuring VACLs
35-9.
35-9.
35-7
- Quick Links:
- Supported Hardware and Software
Hide quick links:
Advertisement
Chapters
Table of Contents
