VLAN Access Control Lists configuration on Cisco Switch

In this post I will cover VLAN access control lists (VACLs), also called VLAN access maps or VLAN maps. A VLAN access map allows us to filter incoming and outgoing traffic in a switch VLAN. VLAN access-list configuration is very similar to route-map configuration. You have to place the VLAN access map on the whole VLAN when you want to filter traffic that is moving from one VLAN to another VLAN, which means that the incoming and outgoing traffic in a VLAN is filtered by the VLAN access map. We can apply a VLAN access map to a Layer 3 access list and also to a MAC access list. We know that the usual access control list (ACL), which is the most well-known concept, has an implied DENY IP ANY ANY at the end. Of course, a VACL has the same implied deny statement, but this is not recommended, because a normal ACL checks only […]

Easy Way to quickly remove all Vlans on Cisco Switch

In a work environment, if you want to completely erase the whole switch configuration, including all VLANs or a range of VLANs that are already configured on the switch, you can do so very quickly. On a Cisco switch, erasing the VLAN database is one thing and erasing a range of VLANs that exist on the switch is another. It is good practice to completely erase everything on a switch before using it in another part of your network. This is important in order to avoid network conflicts caused by old configuration settings that are still on the switch. 1. Deleting the switch VLAN database: You can list all configured VLANs by executing the command “show vlan brief”. In this example you can see that there are 3 VLANs configured on the switch. These VLANs are stored in a file in flash memory called “vlan.dat”. […]

How to change Native VLAN on Cisco Switch

What is the native VLAN on a Cisco switch? I will explain VLAN technology on Cisco switches. With the VLAN encapsulation techniques dot1q or ISL, a trunk port on a Cisco switch can carry frames of different VLANs' traffic with VLAN tagging. This allows multiple VLANs to exist on a single switch or topology. A trunk port on a switch is defined to be in a native VLAN, and a trunk port on a Cisco switch will not add a tag to native VLAN frames that are going in or out of the trunk port. Any Ethernet device would be capable of reading frames for the native VLAN. The native VLAN is important on an 802.1Q trunk link. 1. The native VLAN is like any other VLAN, but a Cisco switch has VLAN 1 as the default with Cisco IOS. 2. On a Cisco switch, by default all ports belong to VLAN 1 or native VLAN. 3. VLAN 1 is also used […]

How to Configure InterVLAN Routing on Cisco Layer 3 Switches

InterVLAN routing must be enabled on an L3 switch for a host in one VLAN to communicate with another VLAN. Cisco Layer 3 Catalyst switches have routing functionality that allows the switch to perform interVLAN routing. In this article I explain the interVLAN routing configuration on an L3 switch. This document uses a Cisco Catalyst 3550 switch, and it can also be applied to other Layer 3 switches running Cisco IOS®.

Step-by-step Cisco L3 switch configuration:

1. We have to enable routing on the switch using the ip routing command to perform interVLAN routing and other routing functionalities. Even if IP routing was previously enabled, this step ensures that it is indeed activated.

    Switch(config)#ip routing

Note: If the switch does not accept the ip routing command, you need to upgrade to either SMI image 12.1(11)EA1 or later, or an EMI image, and repeat this step.