Enabling IPv4 ACL rules for mirroring

ACL-based inbound mirroring applies to extended-ACL rules that include the mirror keyword.

  1. Enter configure terminal to access global configuration mode. 
    device# configure terminal
  2. Enter the ip access-list extended command to create or access the ACL. 
    device(config)# ip access-list extended extd_ACL5
  3. In each rule for which you need to enable mirroring, include the mirror keyword. 
    device(conf-ipacl-ext)# seq 5 deny tcp host 10.24.26.145 any mirror
device(conf-ipacl-ext)# seq 15 permit tcp 10.24.26.146 any mirror
  4. Apply the ACL that you created to the appropriate physical interface, specifying the in keyword. 
    device(config)# interface ethernet 2/1
device(conf-if-eth-2/1)# ip access-group extd_ACL5 in
9036684-01 Rev AA