04-02-2012 02:33 AM
Is there a VLAN ACL feature, similar to VACLs on Cisco, supported on the CER and FCX platforms?
I know that I can apply an ACL to a VE interface or a physical port. But what about ACLs for L2 ports or, best of all, particular VLANs?
04-02-2012 03:31 AM
Here is a scenario for having an ACL between two L2 switchports on one VLAN.
As you can see in ACL 101, the host with IP address 172.16.10.70 can ping 172.16.10.188, but other ICMP packets are not allowed to pass through the 1/1/11 interface.
untag e 1/1/1 to 1/1/12
access-list 101 permit icmp host 172.16.10.70 host 172.16.10.188
access-list 101 deny icmp any any
access-list 101 permit ip any any
interface ve 10
 ip access-group 101 in ethernet 1/1/11
Hope this helps.
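The first-match behaviour of the ACL 101 entries in the reply above can be checked offline before applying them to a port. This is an added example, not part of the original reply or any vendor tooling: a small Python model whose function names (`parse_acl`, `evaluate`) and sample packets are constructed for illustration, and which handles only the `host`/`any` address forms used in the thread.

```python
import ipaddress

# The three ACL 101 entries exactly as posted in the reply above.
ACL_101 = """\
access-list 101 permit icmp host 172.16.10.70 host 172.16.10.188
access-list 101 deny icmp any any
access-list 101 permit ip any any
"""

def _take_addr(tokens):
    """Consume 'any' or 'host A.B.C.D' from the token list."""
    word = tokens.pop(0)
    if word == "any":
        return ipaddress.ip_network("0.0.0.0/0")
    if word == "host":
        return ipaddress.ip_network(tokens.pop(0) + "/32")
    raise ValueError(f"unsupported address form: {word}")

def parse_acl(text):
    """Parse 'access-list N <action> <proto> <src> <dst>' lines, in order."""
    rules = []
    for line in text.splitlines():
        tokens = line.split()
        if not tokens:
            continue
        if tokens[0] != "access-list" or len(tokens) < 6:
            raise ValueError(f"not an ACL entry: {line!r}")
        action, proto, rest = tokens[2], tokens[3], tokens[4:]
        src = _take_addr(rest)
        dst = _take_addr(rest)
        rules.append((action, proto, src, dst))
    return rules

def evaluate(rules, proto, src, dst):
    """Return the action of the first matching entry; no match means deny."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for action, rule_proto, rule_src, rule_dst in rules:
        # 'ip' in an extended ACL matches every IP protocol.
        if rule_proto in ("ip", proto) and s in rule_src and d in rule_dst:
            return action
    return "deny"  # implicit deny that ends every ACL

# Constructed sample packets, as if arriving inbound on ethernet 1/1/11.
SAMPLES = [
    ("icmp", "172.16.10.70", "172.16.10.188"),
    ("icmp", "172.16.10.71", "172.16.10.188"),
    ("tcp", "172.16.10.71", "172.16.10.188"),
]

if __name__ == "__main__":
    for pkt in SAMPLES:
        print(pkt, "->", evaluate(parse_acl(ACL_101), *pkt))
```

Removing the final `permit ip any any` entry from the text makes the TCP sample fall through to the implicit deny, which is why that entry is needed on a port that carries other traffic.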