65-36
User Guide for Cisco Security Manager 4.4
OL-28826-01
Chapter 65 Managing Cisco Catalyst Switches and Cisco 7600 Series Routers
VLAN ACLs (VACLs)

VLAN Selector Dialog Box

Use the VLAN Selector dialog box to associate VLANs with interfaces, VLAN groups, security
contexts, and VACLs.
Navigation Path
You can access this dialog box when you define interfaces, VLAN groups, IDSM settings, or VACLs by
clicking the Select button in any field used for defining VLANs.
Related Topics
Service Module Slot Selector Dialog Box, page 65-35
Filtering Tables, page1-45
Field Reference
VLAN ACLs (VACLs)
Cisco IOS standard or extended ACLs are configured on router interfaces only, and are applied on routed
packets only. In contrast, Cisco Catalyst switches and Cisco 7600 Series routers can use VLAN ACLs
(VACLs) to control the access of all packets that are bridged within a VLAN or that are routed to or from
a VLAN for VACL capture through a WAN interface. VACLs:
Are processed in hardware.
Use Cisco IOS ACLs.
Ignore any Cisco IOS ACL fields that are not supported in hardware.
Table65-17 VLAN Selector Dialog Box
Element Description
Available VLANs Displays defined VLANs that are available to be associated with the
object you are configuring.
Note The VLANs that are available will depend on the type of object
you are configuring and other settings defined on the device.
For example, when selecting VLANs to assign to a VLAN
group, the Available VLANs list will only contain VLANs that
have not been assigned to another VLAN group. When
selecting VLANs to assign to a security context, the Available
VLANs list will only contain VLANs that are part of a VLAN
group that has been assigned to the service module you are
configuring.
Add >> button Moves selected VLANs from the Available VLANs list to the Selected
VLANs list.
Remove << button Removes select ed VLANs from the Selected VLANs list.
Selected VLANs Displays the selected VLANs.
VLAN Ranges The VLAN ranges entered manually before the selector was opened, if
any.