In the following example, all traffic in VLAN 20 is forwarded to its destination and a copy sent to configured capture ports. This configuration is ideal for capturing all traffic on a VLAN because it does not create duplicates for intra-VLAN traffic, as a VSPAN would. Use this configuration to send data to Application Delivery Analysis without filtering out traffic.
This example also represents the simplest VACL to implement. This implementation poses no risk of the ACL blocking the production VLANs to which it is applied.
The following commands represent the configuration in the illustration:
(config)#access-list 101 permit ip any any ! (config)#vlan access-map sa_cap 30 (config)#match ip address 101 (config)#action forward capture ! (config)#vlan filter sa_cap vlan-list 20 ! (config)#interface fa2/13 (config)#switchport capture
|
Copyright © 2015 CA Technologies.
All rights reserved.
|
|