Chapter 19
Configuring Network Security with ACLs
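Figure 19-3 Using Router ACLs to Control Traffic
[Figure: Catalyst 3550 switch with enhanced multilayer software image; Server A (Benefits) on port 0/2; Server B (Payroll) on port 0/3; Human Resources, 172.20.128.0-31; Accounting, 172.20.128.64-95.]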
This example uses a standard ACL to filter traffic coming into Server B from port 0/3, permitting traffic
only from Accounting's source addresses 172.20.128.64 to 172.20.128.95.
Switch(config)# access-list 6 permit 172.20.128.64 0.0.0.31
Switch(config)# end
Switch# show access-lists
Standard IP access list 6
    permit 172.20.128.64, wildcard bits 0.0.0.31
Switch# configure terminal
Switch(config)# interface gigabitethernet0/3
Switch(config-if)# ip access-group 6 out
The ACL is applied to traffic coming out of routed port 0/3 from the specified source address.
This example uses an extended ACL to filter traffic coming from Server B into port 0/3, permitting
traffic from any source address (in this case Server B) to only the Accounting destination addresses
172.20.128.64 to 172.20.128.95.
Switch(config)# access-list 106 permit ip any 172.20.128.64 0.0.0.31
Switch(config)# end
Switch# show access-lists
Extended IP access list 106
    permit ip any 172.20.128.64 0.0.0.31
Switch# configure terminal
Switch(config)# interface gigabitethernet0/3
Switch(config-if)# ip access-group 106 in
The ACL is then applied to traffic going into routed port 0/3, permitting it to go only to the specified
destination addresses. Note that with extended ACLs, you must enter the protocol (IP) before the source
and destination information.
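The two entries above, run through a small Python model of IOS wildcard matching and of the implicit deny that ends every ACL. This is an added example, not part of the Cisco guide; SERVER_B is a constructed address (the page gives none), and only numbered ACLs 1-99 and 100-199 with protocol ip are modelled.

```python
import ipaddress

ANY = ("0.0.0.0", "255.255.255.255")   # wildcard of all ones ignores every bit

def take_spec(tokens):
    """Consume one address spec: 'any', 'host A' or 'A WILDCARD'."""
    if tokens[:1] == ["any"]:
        return ANY, tokens[1:]
    if len(tokens) < 2:
        raise ValueError("expected 'any', 'host A' or 'A WILDCARD'")
    if tokens[0] == "host":
        return (tokens[1], "0.0.0.0"), tokens[2:]
    return (tokens[0], tokens[1]), tokens[2:]

def parse_entry(line):
    """Parse a numbered IP ACL entry into (action, source spec, destination spec)."""
    keyword, number, action, *rest = line.split()
    if keyword != "access-list" or action not in ("permit", "deny"):
        raise ValueError("not an access-list entry: " + line)
    if 1 <= int(number) <= 99:          # standard: source only
        src, rest = take_spec(rest)
        dst = ANY
    elif 100 <= int(number) <= 199:     # extended: protocol, source, destination
        if rest[:1] != ["ip"]:
            raise ValueError("only protocol 'ip' is modelled here")
        src, rest = take_spec(rest[1:])
        dst, rest = take_spec(rest)
    else:
        raise ValueError("ACL number outside 1-99 / 100-199")
    if rest:
        raise ValueError("unsupported trailing tokens: " + " ".join(rest))
    return action, src, dst

def matches(addr, spec):
    """A 0 bit in the wildcard must match; a 1 bit is ignored."""
    base, wildcard, addr = (int(ipaddress.IPv4Address(x)) for x in (*spec, addr))
    care = ~wildcard & 0xFFFFFFFF
    return (addr & care) == (base & care)

def evaluate(entries, src, dst):
    """First matching entry wins; no match falls through to the implicit deny."""
    for action, src_spec, dst_spec in entries:
        if matches(src, src_spec) and matches(dst, dst_spec):
            return action
    return "deny"

ACL_6 = [parse_entry("access-list 6 permit 172.20.128.64 0.0.0.31")]
ACL_106 = [parse_entry("access-list 106 permit ip any 172.20.128.64 0.0.0.31")]
SERVER_B = "192.0.2.10"                 # constructed; the page gives no address
```

evaluate(ACL_6, "172.20.128.10", SERVER_B) returns "deny": a Human Resources source (172.20.128.0-31) matches no entry and falls to the implicit deny, as does any address outside 172.20.128.64 to 172.20.128.95.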
78-11194-03
Catalyst 3550 Multilayer Switch Software Configuration Guide
Configuring Router ACLs