VLAN Access-List (VACL)

Hello Görgen!

Thanks for testing that out and sharing your results, it’s always useful for readers of the forum.

I tried the same thing on my CML environment and got the same error message as you. Investigating a little further, I found that the command in this particular switch does not accept an EtherType number, but only keywords like so:

SW1(config)#mac access-list extended NO-IPV6
SW1(config-ext-macl)#permit any any ?
  aarp          EtherType: AppleTalk ARP
  amber         EtherType: DEC-Amber
  appletalk     EtherType: AppleTalk/EtherTalk
  dec-spanning  EtherType: DEC-Spanning-Tree
  decnet-iv     EtherType: DECnet Phase IV
  diagnostic    EtherType: DEC-Diagnostic
  dsm           EtherType: DEC-DSM
  etype-6000    EtherType: 0x6000
  etype-8042    EtherType: 0x8042
  lat           EtherType: DEC-LAT
  lavc-sca      EtherType: DEC-LAVC-SCA
  mop-console   EtherType: DEC-MOP Remote Console
  mop-dump      EtherType: DEC-MOP Dump
  msdos         EtherType: DEC-MSDOS
  mumps         EtherType: DEC-MUMPS
  netbios       EtherType: DEC-NETBIOS
  vines-echo    EtherType: VINES Echo
  vines-ip      EtherType: VINES IP
  xns-idp       EtherType: XNS IDP
  <cr>

SW1(config-ext-macl)#permit any any 

I am using the exact same version as you. It seems that the EtherTypes that you can use are limited to these particular ones, and it doesn’t include IPv6. Take a look at this Cisco command reference that describes the command with many more options than those shown above:

I believe it is a limitation of the specific IOS version.

I hope this has been helpful!

Laz