May be the below VACL facts can help you.,VACLs are applied to a VLAN within the VLAN context.
Inbound VACLs filter all traffic that arrives on a VLAN, whether switched or routed.
Outbound VACLs filter all traffic that is forwarded out a VLAN, whether the source is within the same subnet (switched) or another subnet (routed).
Because both inbound and outbound VACLs filter traffic that arrives on a VLAN and is switched out that VLAN, some of the traffic that they filter overlaps.
When you want to control traffic switched within a subnet, you must apply a VACL.
The inbound VACL processes routed traffic like an inbound RACL but also filters switched traffic.
One VACL applies to all ports that are members of the VLAN.
If you are planning to apply a VACL to a VLAN on a switch that does not route traffic for that VLAN, be very careful to plan the rules to permit return traffic to devices in that VLAN as well as the traffic from the devices.
At Aruba, we believe that the most dynamic customer experiences happen at the Edge. Our mission is to deliver innovative solutions that harness data at the Edge to drive powerful business outcomes.
© Copyright 2021 Hewlett Packard Enterprise Development LPAll Rights Reserved.