[cisco-bba] VACL question

Andy Saykao andy.saykao at staff.netspace.net.au
Tue Mar 18 21:15:58 EDT 2008


Hi Guys,
 
Playing around with VACL on a 6500 and trying to capture port 80 traffic
on vlan 11 and send this to capture port g5/1.
 
My config is below. It's basically taken from a guide by Cisco.
 
http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/ios/12.2SXF/native/configuration/guide/vacl.html
 
My problem is that we aren't seeing any traffic being captured on the
capture port.
 
We aren't seeing any counters increasing when viewing the extended
access list of HTTP_TRAFFIC and VLAN11_TRAFFIC - BUT if we accidentally
remove HTTP_CAPTURE 20 (permit ip any any), our network dies because
it's now only letting WWW traffic through, so I'm thinking the VACL is
working but for some reason it's not sending captured packets to the
capture port. Any ideas???
 
1/ Define the interesting traffic.
 
ip access-list extended HTTP_TRAFFIC
permit tcp any any eq www
 
ip access-list extended VLAN11_TRAFFIC
permit ip any any
 
2/ Define the VLAN access map.
 
vlan access-map HTTP_CAPTURE 10
match ip address HTTP_TRAFFIC
action forward capture
 
vlan access-map HTTP_CAPTURE 20
match ip address VLAN11_TRAFFIC
action forward

3/ Apply the VLAN access map to the appropriate VLANs.
 
vlan filter HTTP_CAPTURE vlan-list 11
 
4/ Configure the Capture Port.
 
int g5/1
switchport capture allowed vlan 11
switchport capture
 
Thanks.
 
Andy
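The access-map semantics behind the post, as an added example that is not part of the original message: a small Python model of sequence-ordered, first-match VLAN access-map evaluation applied to the poster's HTTP_CAPTURE map, including the implicit drop at the end of the map (which is why removing sequence 20 stops all non-WWW traffic) and the capture-port allowed-VLAN check. The packet representation and the `capture_port_sees` helper are simplifications assumed for illustration, not switch behaviour taken from the post.

```python
"""Model of Catalyst VLAN access-map evaluation (added example, not from the post).

Entries are evaluated in sequence order; the first entry whose ACL permits the
packet decides the action. If no entry matches, the packet hits the implicit
deny at the end of the access map and is dropped. ACL entries are simplified
to (protocol, destination port); "ip" matches any protocol, None any port.
"""
from dataclasses import dataclass
from typing import Optional

IMPLICIT_DROP = "drop"

@dataclass
class Ace:
    proto: str                 # "ip", "tcp", "udp", ...
    dst_port: Optional[int]    # None means any port (assumed packet model)

    def matches(self, pkt: dict) -> bool:
        if self.proto != "ip" and self.proto != pkt["proto"]:
            return False
        return self.dst_port is None or self.dst_port == pkt["dport"]

@dataclass
class MapEntry:
    seq: int
    acl: list                  # list of Ace
    action: str                # "forward", "forward capture" or "drop"

def evaluate(access_map: list, pkt: dict) -> tuple:
    """Return (action, matching sequence); first matching sequence wins."""
    for entry in sorted(access_map, key=lambda e: e.seq):
        if any(ace.matches(pkt) for ace in entry.acl):
            return entry.action, entry.seq
    return IMPLICIT_DROP, None

def capture_port_sees(capture_allowed_vlans: set, vlan: int, action: str) -> bool:
    """A captured packet reaches the capture port only if its VLAN is in the
    port's 'switchport capture allowed vlan' list (hypothetical helper)."""
    return action == "forward capture" and vlan in capture_allowed_vlans

# The poster's HTTP_CAPTURE map, reproduced from the post.
HTTP_TRAFFIC = [Ace("tcp", 80)]
VLAN11_TRAFFIC = [Ace("ip", None)]
HTTP_CAPTURE = [
    MapEntry(10, HTTP_TRAFFIC, "forward capture"),
    MapEntry(20, VLAN11_TRAFFIC, "forward"),
]

if __name__ == "__main__":
    http, dns = {"proto": "tcp", "dport": 80}, {"proto": "udp", "dport": 53}
    print(evaluate(HTTP_CAPTURE, http))      # ('forward capture', 10)
    print(evaluate(HTTP_CAPTURE, dns))       # ('forward', 20)
    print(evaluate(HTTP_CAPTURE[:1], dns))   # ('drop', None): seq 20 removed
```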

