cancel
Showing results for 
Search instead for 
Did you mean: 

ACL for add-vlan-id

ACL for add-vlan-id

Danial_Jalil
New Contributor
I want to add an ingress ACL to a port that adds a vlan to an untagged traffic. if the traffic is tagged it should add a second vlan. following is my code but somehow i am facing error. is it the right syntax to implement it

entry testing {
if match all {
} then {
permit;
add-vlan-id 51;
}
}

#configure access-list testing ports 4 ingress
23 REPLIES 23

Drew_C
Valued Contributor III
If you haven't already, please open a ticket with GTAC to help close this one out.

Danial_Jalil
New Contributor
Can you guys tell me how to remove the VLAN on the other side. is there any ACL rule or anything that can remove the added acl on the other port at egress..(what i want to achieve is internal forwarding mechanism for one port to another..but i cannot do that with macs/ips as all macs will be the same)

guys waiting for some help here?

But it is not working. I have the following configuration.. I am receiving the traffic with no tags nothing just normal Ethernet frames on port 47 but somehow the ACL is not redirecting them port 48. Am I missing something? guys need help?

* X670V-48x.54 # show access-list
Vlan Name Port Policy Name Dir Rules Dyn Rules
================================================================
* 47 testing ingress 1 0

* X670V-48x.55 #vi testing.pol
entry rule {
if match all {
} then {
redirect-port 48
}
}

* X670V-48x.59 # show ports 47-48 statistics
Port Statistics Thu Apr 12 10:09:00 2018
Port Link Tx Pkt Tx Byte Rx Pkt Rx Byte Rx Pkt Rx Pkt Tx Pkt Tx Pkt
State Count Count Count Count Bcast Mcast Bcast Mcast
========= ===== =========== =========== =========== ===========
47 A 0 0 8469676 1084118656 0 0 0 0
48 A 0 0 0 0 0 0 0 0

========= ===== =========== =========== =========== ===========

GTM-P2G8KFN