Job Search, Job Listing, Opportunity
Work at home job, job vacancy
find a job, vacancy list, cari lowongan
Butuh, Segera, secretary, director
« First 5 digits going to Peru :)
3550 ACL’s .. »

3550 ACL’s ..

September 16, 2006 @ 1:59 pm · Filed under CCIE Study


You need to apply to access list to the vlan interface not the interface server is connected
Selim

—–Original Message—– From: 2nd CCIE [mailto:doubleccie@yahoo.com] Sent: Saturday, September 16, 2006 01:24 PM Central Standard Time To: security@groupstudy.com; ccielab@groupstudy.com Subject: 3550 ACL’s ..
Folks ; i have a trouble trying to do simple configuration on the 3550 . i have server connected to 3550 on port f0/11 .
all i want to do is to deny the icmp to this server and allow everything else . although it looks something easy ..it does not work with me
here is my configuration
! interface FastEthernet0/11 switchport access vlan 16 switchport mode dynamic desirable ip access-group 101 in ! ! access-list 101 deny icmp any host 10.10.16.100 access-list 101 permit ip any any !
with this configuration ..i still can ping the server from anywhere …i tried to apply the ACL on the interface vlan 16 ..nothing changed .
if i remove the second entry of the ACL (basically deny everything ) ..it works
but i need to the communication to the server ..only the ping i want to disable …
what am i missing here ?
thanks

——————————— How low will we go? Check out Yahoo! Messengers low PC-to-Phone call rates.

Bookmark this post:These icons link to social bookmarking sites where readers can share and discover new web pages.
  • blinkbits
  • BlinkList
  • blogmarks
  • co.mments
  • connotea
  • del.icio.us
  • De.lirio.us
  • digg
  • Fark
  • feedmelinks
  • Furl
  • LinkaGoGo
  • Ma.gnolia
  • NewsVine
  • Netvouz
  • RawSugar
  • Reddit
  • scuttle
  • Shadows
  • Simpy
  • Smarking
  • Spurl
  • TailRank
  • Wists
  • YahooMyWeb
keywords found: everything changed check disable central september although 

Leave a Comment

Related Post