Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
480
Views
0
Helpful
2
Replies

L2 switch use L3 ACL

Go to solution
jalen
Level 1
Level 1

‎09-11-2006 07:59 PM - edited ‎03-05-2019 12:02 PM

Hi

To prevent end-user to use illegal IP address.

We will implement the L3 ACL on the Layer2 SW (WS-C2950G-48-EI) Per-interface

!!!!This solution have any limitation about WS-C2950G-48-EI ? !!!

Sample Config:

interface FastEthernet0/1

ip access-group F1-IP in

interface FastEthernet0/1

ip access-group F2-IP in

......

interface FastEthernet0/48

ip access-group F48-IP in

ip access-list standard F1-IP

permit 192.168.1.1

ip access-list standard F2-IP

permit 192.168.1.2

.....

ip access-list standard F48-IP

permit 192.168.1.48

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
ankbhasi
Cisco Employee
Cisco Employee

‎09-11-2006 10:48 PM

Hi Jalen,

Yes 2950 support IP ACL and it should work.

Also check this link which has "Guidelines for Applying ACLs to Physical Interfaces"

http://www.cisco.com/univercd/cc/td/doc/product/lan/cat2950/12120ea2/2950scg/swacl.htm#wp1082773

Also in your config I see interface fa0/1 with 2 ACLs (F1-IP & F2-IP) in same direction. Is it just a typo error which you have done while pasting your config here or its the real config?

Regards,

Ankur

View solution in original post

0 Helpful
2 Replies 2

Go to solution
ankbhasi
Cisco Employee
Cisco Employee

‎09-11-2006 10:48 PM

Hi Jalen,

Yes 2950 support IP ACL and it should work.

Also check this link which has "Guidelines for Applying ACLs to Physical Interfaces"

http://www.cisco.com/univercd/cc/td/doc/product/lan/cat2950/12120ea2/2950scg/swacl.htm#wp1082773

Also in your config I see interface fa0/1 with 2 ACLs (F1-IP & F2-IP) in same direction. Is it just a typo error which you have done while pasting your config here or its the real config?

Regards,

Ankur

0 Helpful

Go to solution
jalen
Level 1
Level 1
In response to ankbhasi

‎09-13-2006 01:32 AM

Dear Ankur

Thank you answer .

That is type error,i will config 1 ACE per 1 ACL per port

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card