Wednesday, March 14, 2012

QoS with ACL in HP


Create the ACL with the rules that need to be enforced for the specific port or VLAN, restricting or permitting access as required.

acl number 3002
 rule 1 deny icmp source 10.96.78.33 0 destination 10.96.55.1 0
 rule 2 deny tcp source 10.96.78.33 0 destination 10.96.55.1 0 destination-port eq www


Once the ACL is created, use the QoS commands to apply it to the ports or VLANs.

First, create the traffic classifier and reference the ACL in it.


traffic classifier dropvlan operator and
 if-match acl 3002



Create the traffic behavior and set the action in it.

traffic behavior dropvlan
 filter deny


Create the QoS policy and bind the classifier to the behavior in it.


qos policy dropvlan
 classifier dropvlan behavior dropvlan

Enforce the QoS policy on the port or on the VLAN.

interface GigabitEthernet3/0/27
 port access vlan 833
 qos apply policy dropvlan inbound

For a VLAN:

qos vlan-policy dropvlan vlan 22 inbound
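An added example, not part of the original post: a Python check that reads a saved configuration in the syntax shown above and reports where the ACL, classifier, behavior, policy and binding chain is broken, since a missing link means the deny rules are never enforced. The function names and the sample text are constructed for illustration, and it assumes the blocking behavior uses `filter deny` as in this post.

```python
# Constructed sample: the commands from this post, laid out as in a saved configuration.
SAMPLE_CONFIG = """\
acl number 3002
 rule 1 deny icmp source 10.96.78.33 0 destination 10.96.55.1 0
 rule 2 deny tcp source 10.96.78.33 0 destination 10.96.55.1 0 destination-port eq www
traffic classifier dropvlan operator and
 if-match acl 3002
traffic behavior dropvlan
 filter deny
qos policy dropvlan
 classifier dropvlan behavior dropvlan
interface GigabitEthernet3/0/27
 port access vlan 833
 qos apply policy dropvlan inbound
qos vlan-policy dropvlan vlan 22 inbound
"""

def parse_sections(text):  # group each indented line under the unindented header above it
    sections = []
    for line in text.splitlines():
        if line.strip() and not line.startswith(" "):
            sections.append((line.split(), []))
        elif line.strip() and sections:
            sections[-1][1].append(line.strip())
    return sections

def audit(text):
    """List the breaks in the ACL -> classifier -> behavior -> policy -> binding chain."""
    defs, bound, problems = {}, [], []
    for w, body in parse_sections(text):
        if w[0] == "interface":
            bound += [(b.split()[3], w[1]) for b in body if b.startswith("qos apply policy ")]
        elif w[:2] == ["qos", "vlan-policy"]:
            bound.append((w[2], "vlan " + w[4]))
        elif len(w) >= 3:  # acl number N / traffic classifier X / traffic behavior X / qos policy X
            defs[(w[0] + " " + w[1], w[2])] = body
    for name, where in bound:
        pol = defs.get(("qos policy", name))
        if pol is None:
            problems.append(f"{where}: policy {name} is not defined")
        for cls, beh in (b.split()[1::2] for b in (pol or []) if b.startswith("classifier ")):
            matches = defs.get(("traffic classifier", cls), [])
            acl_ids = [m.split()[2] for m in matches if m.startswith("if-match acl ")]
            if not any(defs.get(("acl number", a)) for a in acl_ids):
                problems.append(f"{where}: classifier {cls} references no ACL with rules")
            if "filter deny" not in defs.get(("traffic behavior", beh), []):
                problems.append(f"{where}: behavior {beh} does not drop traffic")
    unused = [p for kind, p in defs if kind == "qos policy" and p not in dict(bound)]
    return problems + [f"policy {p} is not applied to any port or VLAN" for p in unused]
```

Calling `audit(SAMPLE_CONFIG)` returns an empty list when every link is present; each returned string names the port or VLAN where enforcement would silently fail.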

Optimization of fortigate IPS

IPS signatures need to be selected according to the infrastructure environment. E.g., if we do not have Linux servers, these IPS signatures can be disabled (d...