23-10
Cisco7600 Series Router Cisco IOS Software Configuration Guide—12.1E
78-14064-04
Chapter23 Con figuring Network Security
Configuring VLAN ACLs
Routed PacketsFigure 23-2 shows how ACLs are applied on routed and Layer 3-switched packets. For routed or
Layer 3-switched packets, the ACLs are applied in the following order:
1. VACL for input VLAN
2. Input Cisco IOS ACL
3. Output Cisco IOS ACL
4. VACL for output VLAN
Figure 23-2 Applying VACLs on Routed Packets
Catalyst 6500 series switches
with MSFC
Host B
(VLAN 20)
Host A
(VLAN 10)
26964
Bridged
Bridged
VACL
VACL
Input IOS ACL Output IOS ACL
Routed
MSFC