34-35
Catalyst 3750 SwitchSoftware Configuration Guide
OL-8550-09
Chapter34 Configuring Network Security with ACLs
Configuring VLAN Maps
Applying a VLAN Map to a VLAN
Beginning in privileged EXEC mode, follow these steps to apply a VLAN map to one or more VLANs:
To remove the VLAN map, use the no vlan filter mapname vlan-list list global configuration command.
This example shows how to apply VLAN map 1 to VLANs 20 through 22:
Switch(config)# vlan filter map 1 vlan-list 20-22
Using VLAN Maps in Your Network
These sections describes some typical uses for VLAN maps:
Wiring Closet Configuration, page34-35
Denying Access to a Server on Another VLAN, page34-36

Wiring Closet Configuration

In a wiring closet configuration, routing might not be enabled on the switch. In this configuration, the
switch can still support a VLAN map and a QoS classification ACL. In Figure34-4, assume that Host X
and Host Y are in different VLANs and are connected to wiring closet switches A and C. Traffic from
Host X to Host Y is eventually being routed by Switch B, a Layer 3 switch with routing enabled. Traffic
from Host X to Host Y can be access-controlled at the traffic entry point, SwitchA.
Command Purpose
Step1 configure terminal Enter global configuration mode.
Step2 vlan filter mapname vlan-list list Apply the VLAN map to one or more VLAN IDs.
The list can be a single VLAN ID (22), a consecutive list (10-22), or a string
of VLAN IDs (12, 22, 30). Spaces around the comma and hyphen are
optional.
Step3 show running-config Display the access list configuration.
Step4 copy running-config startup-config (Optional) Save your entries in the configuration file.