Catalyst 2960S ACL issue

lorenzobexer
Level 1

Hi,

I have some problems using ACL and copying a backup from the switch to an SCP server.

Firmware version is 15.0(2)SE2, but I have seen the same behaviour on 12.0.

This is the configuration of access lists/vty

Standard IP access list ACL_VTY_IN
    5 permit 192.168.0.123 (4 matches)
    40 deny   any log
Standard IP access list ACL_VTY_OUT
    10 permit 192.168.0.123
    20 deny   any log

line vty 0 4
 access-class ACL_VTY_IN in
 access-class ACL_VTY_OUT out
 exec-timeout 15 0
 logging synchronous
 login authentication xxxxxxxx
 length 0
 transport input ssh
 transport output ssh

Now, when logging into the switch with SSH and trying to back up the configuration (copy running-config scp://user:pw@192.168.0.123/somefile), it seems that the INBOUND ACL is used, as its match counter is increasing.

How can this behaviour be explained? I assumed the OUT ACL would be used for outgoing connections?

Regards,

Johannes

19 Replies

lorenzobexer
Level 1

Looks like I have posted into the wrong forum; this should go to LAN, Switching and Routing.