SG300 - ip address restricted to specific port??

David Thigpen · ‎09-25-2013

I have just set up an SG300 with protected ports so that different ports can not see the traffic on other ports. Now I am being asked to restrict specific ports to using only specific ip addresses. Is this possible with this switch?

Each port will need to allow several (5-6) addresses.

Thanks,

TonyT

Tom Watts · ‎09-25-2013

Hi David, this switch does support IP based ACL's. Keep in mind the ACL is INGRESS ONLY.

-Tom
Please mark answered for helpful posts

-Tom Please mark answered for helpful posts http://blogs.cisco.com/smallbusiness/

David Thigpen · ‎09-25-2013

ACL might work. Here are more details:

We provide off-site mirrored storage for about a dozen customers. Each one provides their own firewall and vpn equiptment. Each customer has use of one protected port on the SG300 connected to their equiptment.

We have a class-C IP range and we tell each customer what ip addresses they can use. For example, Joe can use .8-.15, Bob can use .16-.23, etc.

We want to protect Joe should Bob fat-finger an address and ends up using .9 (intending .19) while Joe is already using .9. We want only Bob to get errors and not Joe.

Can it be done on a SG300?

Tx,

TonyT

Tom Watts · ‎09-25-2013

Hi David,

ACL can accomplish this.

-Tom
Please mark answered for helpful posts

-Tom Please mark answered for helpful posts http://blogs.cisco.com/smallbusiness/

SG300 - ip address restricted to specific port??

Cisco Business Product Family

Cisco Switching Product Family