How to configure Port ACL on SG350-10

Johnny Kim · ‎07-14-2021

Hello.

I have hard problem which permits only an IP group in each port.

My plan is below.

Port 1 : permit only 192.168.1.X

Port 2 : permit only 192.168.2.X

Port 3 : permit only 192.168.3.X

..

Port 10 : permit all IP

There is 6 clients under Port 1. And the clients have 192.168.1~3.201~206 multiple IP on one NIC.

There is 6 clients under Port 2. And the clients have 192.168.1~3.201~206 multiple IP on one NIC.

There is 6 clients under Port 3. And the clients have 192.168.1~3.201~206 multiple IP on one NIC.

PC has an ethernet card upper Port 10. The ethernet card has multiple IP (192.168.1~3.200)

I configured ACL, ACE in router.

Please check attached configuration file (running-config.txt).

But when PC sends ping command to all clients, PC can receive ECHO from some clients of 18 clients.

If only port1, port2 group except port3 is physically linked, PC can receive ECHO from all 12 clients.

Please let me know how to configure rightly or the supported production model.

Thanks.

balaji.bandi · ‎07-14-2021

You can do ACL Look at the document :

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Johnny Kim · ‎07-14-2021

Thanks for fast reply.

I have followed MAC or IP ACL you mentioned by link. I attached the setting information with file "running-config.txt".

I don't know whether the connection is fail with PC so that the number of clients being used increases.

Today. I will check the status after upgrading latest firmware.

balaji.bandi · ‎07-15-2021

PC ( windows ) do have FW built-in so worth checking

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help