cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
getzjd
New Contributor II

How do I apply an ACL to a VLAN interface?

Jump to solution

We wish to apply an ACL to a VLAN interface on a 1638 with VRRP enabled, however, the same command that works on the 1335, does not seem to work on the 1638.  I tried looking into the AOS commands PDF , but it seems that the ip access-group command should work.  For example:

I applied the access list  guest_block to the Interface VLAN 36  on a 1335 by simply issuing the ip access-group guest_block out command

interface vlan 36

  description WirelessGuest

  ip address  10.36.1.1  255.255.255.0

  ip access-group guest_block out

  no rtp quality-monitoring

  no awcp

  no ip route-cache express

  no shutdown

However, on the 1638, I receive the unrecognized command error.   What am I missing?

BPHQ1638.1.1(config)#int vlan 36

BPHQ1638.1.1(config-intf-vlan 36)#ip access-group guest_block out

% Unrecognized command

BPHQ1638.1.1(config-intf-vlan 36)#

Do I have to use a hardware ACL instead?

Thanks

Labels (1)
Tags (3)
0 Kudos
1 Solution

Accepted Solutions
cj_
Valued Contributor
Valued Contributor

Re: How do I apply an ACL to a VLAN interface?

Jump to solution

Hi getzjd:

The NetVanta 1335 includes full-blown routing and firewall functions, whereas the NetVanta 1638 is a multi-layer switch product.  The 1638 does not include a firewall which is needed to support IP access lists and policy-classes.  Hardware ACL will be your best bet:  Configuring Hardware ACLs in AOS

Best,

Chris

View solution in original post

0 Kudos
1 Reply
cj_
Valued Contributor
Valued Contributor

Re: How do I apply an ACL to a VLAN interface?

Jump to solution

Hi getzjd:

The NetVanta 1335 includes full-blown routing and firewall functions, whereas the NetVanta 1638 is a multi-layer switch product.  The 1638 does not include a firewall which is needed to support IP access lists and policy-classes.  Hardware ACL will be your best bet:  Configuring Hardware ACLs in AOS

Best,

Chris

View solution in original post

0 Kudos