VLAN/ACLS 3750

DASHelpdesk · ‎08-23-2007

I have been trying to get ACLS working on VLANs int?s with limited success. I have version 12, advipservices ios.

The following command allows me to access 192.168.133.1 on port 25

Permit tcp any host 192.168.133.1 eq 25

The following command denies me access, the command should achieve the same???

Permit tcp host 192.168.137.55 host 192.168.133.1 eq 25

Any ideas?

Thanks

Richard Burts · ‎08-23-2007

Neal

Perhaps I do not understand correctly your question. The first access list will allow any host to access host 192.168.133.1 on TCP port 25. The second access list will allow a specific host on 192.168.137.55 to access host 192.168.133.1 on TCP port 25. So if you are on host 192.168.137.55 then the effect of the access lists is the same. If you are not on host 192.168.137.55 then the second access list denies you access.

If there is some part of the question that I have not addressed then perhaps you can clarify the question?

HTH

Rick

HTH

Rick

Jon Marshall · ‎08-23-2007

Hi

If you are sure you are coming from 192.168.137.55 then yes it should work.

Are you absolutely sure this your source address ?

Jon

Edit - sorry Rick, cross posting

Joseph W. Doherty · ‎08-23-2007

Besides Rick's and Jon's suggestions, and since I seem to suffer from IP address and/or IP mask dyslexia, I'll either enable ACL logging or enable debug to see what's happening.