»Unlabelled » Filter Trafic Within Vlan Switch

Filter Trafic Within Vlan Switch

Posted by fanie on Friday, January 11, 2013

The best way is using vlan access-map.

we want to filter ping packet from R1  - SW1 - R2 in vlan 25

SW1
ip access-list extended ICMP
permit icmp any any

vlan access-map block-icmp 10
match ip address ICMP
action drop
vlan access-map 20
action forward

Then apply this policy to selected vlan 25 using this command :

vlan filter block-icmp vlan-list 25






at 7:55 PM

{ 0 comments... read them below or add one }


Post a Comment