Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
347
Views
0
Helpful
2
Replies

Protect Single port on switch

smolz
Level 4
Level 4

‎12-11-2009 11:24 AM - edited ‎03-06-2019 08:55 AM

What I have is a single host connected to a port on a 3560 siwtch.  I want to allow this host to go wherever it needs to go, but I do not want other hosts to initiate connections to the host.

is this possible? If so how do I configure as I see that you can only configure inbound ACL's on a switchport and no reflexive acl's at all.

Labels:
0 Helpful
2 Replies 2

Jon Marshall
Hall of Fame
Hall of Fame

‎12-11-2009 01:30 PM 

smolz wrote:
What I have is a single host connected to a port on a 3560 siwtch.  I want to allow this host to go wherever it needs to go, but I do not want other hosts to initiate connections to the host.
is this possible? If so how do I configure as I see that you can only configure inbound ACL's on a switchport and no reflexive acl's at all.

To be honest rather than try and get the switch to do it which i'm not sure you can even with a vlan access map because of the return traffic, it would be a whole lot easier to just install a host firewall which will allow you to block all incoming new connections. In fact, if memory serves me right, that is the default setting for XP firewall.

Jon

0 Helpful

amrelec
Level 1
Level 1

‎12-12-2009 10:30 AM

you can use ACL (extended) , that you configure your ACL statement as follows:

put your host as a destination address and put any incoming connection as source.

hope that helps

regards,

Amro

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card