RE: VACL on 3560 switch

From: Ryan West <rwest_at_zyedge.com>
Date: Wed, 29 Jul 2009 10:22:27 -0400

I think you're looking for a SPAN port and not a VACL.

monitor session 1 source vlan 19 rx
monitor session 1 destination interface f0/2

-ryan

-----Original Message-----
From: nobody_at_groupstudy.com [mailto:nobody_at_groupstudy.com] On Behalf Of Marcio Costa
Sent: Wednesday, July 29, 2009 10:06 AM
To: ccielab_at_groupstudy.com
Subject: VACL on 3560 switch

Hi Experts,

How will the switch (3560) know which interface it should use to forward
the captured traffic to the NIDS or host w/ Wireshark with the VACL config
below?

! the interface I want to connect the NIDS to
interface FastEthernet0/2
 switchport
 switchport host
 switchport access vlan 19
 speed 100
 duplex full
 no shutdown
!
exit
!
ip access-list extended ALLOWED_TRAFFIC
 permit ip any any
!
exit
!
vlan access-map VLAN19_FILTER 10
 match ip address ALLOWED_TRAFFIC
 action forward
!
exit
!
vlan filter VLAN19_FILTER vlan-list 19

Is there anything missing?

Thanks in advance,
Marcio A. Costa
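
An added example, not part of either e-mail: a small Python check that reads a switch configuration and reports, per VLAN, which VLAN maps are applied and which SPAN destination port (if any) receives a copy of the traffic. The VLAN map in the question only forwards or drops traffic, while the monitor session in the reply is what names a destination interface. The function names and the sample text are constructed for illustration, and the parser assumes commands written with full keywords as they appear in a saved configuration.

```python
import re

# Constructed sample: the VLAN map from the question plus a SPAN session as in the reply.
SAMPLE_CONFIG = """\
vlan access-map VLAN19_FILTER 10
 match ip address ALLOWED_TRAFFIC
 action forward
!
vlan filter VLAN19_FILTER vlan-list 19
!
monitor session 1 source vlan 19 rx
monitor session 1 destination interface FastEthernet0/2
"""

def expand_vlans(spec):
    """Expand an IOS VLAN list such as '19,30-32' into a set of ints."""
    vlans = set()
    for part in spec.replace(" ", "").split(","):
        lo, _, hi = part.partition("-")
        vlans.update(range(int(lo), int(hi or lo) + 1))
    return vlans

def capture_points(config):
    """Map each VLAN to its applied VLAN maps and its SPAN destination interfaces."""
    report, sources, dests = {}, {}, {}
    for line in config.splitlines():
        line = line.strip()
        m = re.match(r"vlan filter (\S+) vlan-list (.+)$", line, re.I)
        if m:
            for v in expand_vlans(m.group(2)):
                report.setdefault(v, {"vacl": [], "span_dest": []})["vacl"].append(m.group(1))
            continue
        # Assumption: full keywords, optional rx/tx/both suffix on the source line.
        m = re.match(r"monitor session (\d+) source vlan ([\d,\s-]+?)(?:\s+(?:rx|tx|both))?$", line, re.I)
        if m:
            sources.setdefault(m.group(1), set()).update(expand_vlans(m.group(2)))
            continue
        m = re.match(r"monitor session (\d+) destination interface (\S+)", line, re.I)
        if m:
            dests.setdefault(m.group(1), []).append(m.group(2))
    for session, vlans in sources.items():
        for v in vlans:
            report.setdefault(v, {"vacl": [], "span_dest": []})["span_dest"] += dests.get(session, [])
    return report

def blind_vlans(config):
    """VLANs that have a VLAN map applied but no SPAN destination feeding a sensor."""
    return sorted(v for v, r in capture_points(config).items() if r["vacl"] and not r["span_dest"])
```

Run against the configuration from the question alone (no monitor session), `blind_vlans` returns VLAN 19, because nothing in that configuration copies traffic to FastEthernet0/2.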

Received on Wed Jul 29 2009 - 10:22:27 ART
