Associating VLANs with an ACL

Associate VLANs with an ACL to apply filters to VLAN traffic.

A VLAN can be part of two different ACLs of different types: IPv6 and non-IPv6.

Before you begin

  • The ACL exists.

Procedure

  1. Enter Global Configuration mode:

    enable

    configure terminal

  2. Add VLAN interfaces to an ACL:

    filter acl vlan <acl-id> <1-4059>

  3. Remove specified VLAN interfaces from an ACL:

    no filter acl vlan <acl-id> <1-4059>

Variable definitions

Use the data in the following table to use the filter acl vlan command.

Variable

Value

<acl-id>

Specifies the ACL ID. Use the CLI Help to see the available range for the switch.

<1-4059>

Specifies the VLAN ID in the range of 1 to 4059. By default, VLAN IDs 1 to 4059 are configurable and the system reserves VLAN IDs 4060 to 4094 for internal use. On switches that support the vrf-scaling and spbm-config-mode boot configuration flags, if you enable these flags, the system also reserves VLAN IDs 3500 to 3998. VLAN ID 1 is the default VLAN and you cannot create or delete VLAN ID 1.

9037147-00 Rev AB