
ACL for add-vlan-id

Danial_Jalil
New Contributor
I want to add an ingress ACL to a port that adds a VLAN to untagged traffic. If the traffic is tagged, it should add a second VLAN. Following is my code, but somehow I am facing an error. Is it the right syntax to implement it?

entry testing {
    if match all {
    } then {
        permit;
        add-vlan-id 51;
    }
}

#configure access-list testing ports 4 ingress
23 REPLIES

Sushruth_Sathya
Extreme Employee
Could you try the following -
entry rule {
    if {
        vlan-format untagged;
    } then {
        add-vlan-id 51;
        class-id 2;
    }
}

I remember encountering this in a case. "Add-Vlan-Id" works with class-id. Also ensure the VLAN ID you are adding is an available VLAN on the ingress and egress ports.

Available VLAN means that the VLAN must be added to both the ingress and egress ports.

If you want to remove an ACL on a port, then the command is -
unconfig access-list ingress/egress

Can you also tell me how to remove the VLAN on the other side? Is there any ACL rule or anything that can remove the added ACL on the other port at egress?

It works. It seems that for an ingress ACL, class id is needed. Thank you for the help, Sushruth. You are awesome.
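
An added example (not part of any post in this thread, and not Extreme Networks code): a small Python check that applies the two points from the reply above to a policy file. It flags any entry that uses add-vlan-id without class-id and lists the VLAN IDs to confirm on the ingress and egress ports. The function names and the regular expression are assumptions and cover only the simple entry layout shown in this thread.

```python
import re

# Matches: entry <name> { if [match all|any] { <conditions> } then { <actions> } }
ENTRY_RE = re.compile(
    r"entry\s+(?P<name>\S+)\s*\{\s*if\s*(?:match\s+(?:all|any)\s*)?"
    r"\{(?P<match>[^{}]*)\}\s*then\s*\{(?P<actions>[^{}]*)\}\s*\}",
    re.S,
)

def statements(body):
    """Split a ';'-terminated block into token lists, e.g. ['add-vlan-id', '51']."""
    return [s.split() for s in body.split(";") if s.strip()]

def check_policy(text):
    """Return (findings, vlan_ids) for every entry that uses add-vlan-id."""
    findings, vlan_ids = [], set()
    for m in ENTRY_RE.finditer(text):
        actions = {tok[0]: tok[1:] for tok in statements(m["actions"])}
        if "add-vlan-id" not in actions:
            continue
        vlan_ids.update(actions["add-vlan-id"])
        # Rule taken from the reply in this thread: add-vlan-id needs class-id.
        if "class-id" not in actions:
            findings.append(f"{m['name']}: add-vlan-id without class-id")
    return findings, sorted(vlan_ids)

# The two entries posted in this thread, copied as sample input.
QUESTION = """entry testing {
if match all {
} then {
permit;
add-vlan-id 51;
}
}"""
ANSWER = """entry rule {
if {
vlan-format untagged;
} then {
add-vlan-id 51;
class-id 2;
}
}"""

if __name__ == "__main__":
    for label, policy in (("question", QUESTION), ("answer", ANSWER)):
        findings, vlans = check_policy(policy)
        print(label, findings or "ok", "VLANs to confirm on both ports:", vlans)
```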