Access-list issues on catalyst 6509 VLAN interface

Unanswered Question
Oct 15th, 2009

I have configured access-lists on catalyst 6509 switch; however it's misbehaving when access allowed for specific ports. Please check the following example

interface vlan 10

ip address 172.16.100.1 255.255.255.0

ip access-group work in

ip access-list extended work

permit tcp 172.16.100.0 0.0.0.255 host 172.17.50.10 eq 3389

deny ip any any

I still can't do remote access to 172.17.50.10 using above access-lists. However it works fine using below access-list (all TCP ports allowed).

ip access-list extended work

permit tcp 172.16.100.0 0.0.0.255 host 172.17.50.10

deny ip any any

Please suggest.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.

Actions

This Discussion