VACLs

Cisco switches support various kinds of ACLs:
■ Traditional Router ACL (RACL)
■ QoS ACL
■ VACL
VLAN access control lists (VACLs) are similar to route-maps in that they are
composed of statements that contain match and set conditions. In a VACL,
the “set” conditions are called “actions.” Actions include forward, drop, and
redirect. Like route-maps, VACL statements are numbered for ordering.
After configuration, VACLs are applied to traffic on specified VLANs.
The following is a sample VACL that instructs the switch to drop traffic
matching ACL 101 (not shown), and forward all other traffic:
Switch(config)#vlan access-map Drop101 5
Switch(config-access-map)#match ip address 101
Switch(config-access-map)#action drop
Switch(config-access-map)#vlan access-map Drop101 10
Switch(config-access-map)#action forward
Switch(config-access-map)#exit
Switch(config)#vlan filter Drop101 vlan-list 10
To view VACL settings, use the commands show vlan access-map
vacl_name or show vlan filter access-map vacl_name.
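The following audit script is an added example, not part of the original notes. It parses VACL statements from a saved configuration and flags maps that are never applied with vlan filter, filters that name an undefined map, and maps that lack a final forward statement without a match (like statement 10 in the sample above). The sample configuration is constructed; the ACL 101 entry and the Orphan map are assumptions made for illustration.

```python
import re
# Constructed sample config (not from the original notes); the ACL 101 entry is an assumption.
SAMPLE_CONFIG = """\
access-list 101 permit tcp any any eq 23
vlan access-map Drop101 5
 match ip address 101
 action drop
vlan access-map Drop101 10
 action forward
vlan access-map Orphan 10
 match ip address 102
 action drop
vlan filter Drop101 vlan-list 10
"""

def parse_vacls(config):
    """Return ({map: {seq: {"match": [...], "action": str}}}, {map: vlan_list})."""
    maps, filters, current = {}, {}, None
    for raw in config.splitlines():
        line = raw.strip()
        if m := re.match(r"vlan access-map (\S+) (\d+)$", line):
            current = maps.setdefault(m[1], {}).setdefault(
                int(m[2]), {"match": [], "action": None})
        elif m := re.match(r"vlan filter (\S+) vlan-list (\S+)$", line):
            filters[m[1]], current = m[2], None
        elif current is not None and (m := re.match(r"match ip address (.+)$", line)):
            current["match"] += m[1].split()
        elif current is not None and (m := re.match(r"action (forward|drop|redirect)\b", line)):
            current["action"] = m[1]
        elif not raw.startswith(" "):
            current = None  # any other top-level command ends the access-map block
    return maps, filters

def audit(config):
    """List findings: unapplied maps, filters naming undefined maps, no catch-all forward."""
    maps, filters = parse_vacls(config)
    findings = []
    for name, stmts in sorted(maps.items()):
        if name not in filters:
            findings.append(f"{name}: defined but not applied by any vlan filter")
        last = stmts[max(stmts)]  # statements are evaluated in sequence-number order
        if last["match"] or last["action"] != "forward":
            findings.append(f"{name}: no final match-less forward statement")
    findings += [f"{n}: vlan filter references undefined map"
                 for n in sorted(filters) if n not in maps]
    return findings

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE_CONFIG)))
```

Run it against the output of show running-config saved to a file by passing the file's text to audit().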