[c-nsp] PACL RACL and SPAN in Catalyst 6500?

schilling schilling2006 at gmail.com
Tue May 20 11:26:13 EDT 2008


We have 12.2(18)SXF11 in production and 12.2(33)SXH in test on PFC3bxl.

We want to SPAN the internet traffic after the border RACL applied on L3 SVI
to reduce the false positive of snort alert such like udp 1443 etc. We
SPANned the SVI, but are getting all sort of traffic without filtering. If
we remove the same ACL from L3 SVI and apply it to physical interface as
PACL, then span the SVI, will we be able to get spanned traffic after the
PACL?

Thanks.

Schilling


More information about the cisco-nsp mailing list