Hi,

I am trying to secure a server which is directly connected to a layer 2 switch port. I want to only permit access to the server from specific ip addresses. Example of commands entered are below.

Server = 10.10.10.1

Access-list 102 permit ip host 10.10.10.20 host 10.10.10.1

Access-list 102 permit ip host 10.10.10.21 host 10.10.10.1

Access-list 102 permit ip host 10.10.10.22 host 10.10.10.1

Access-list 102 permit ip host 10.10.10.23 host 10.10.10.1

Access-list 102 permit ip host 10.10.10.24 host 10.10.10.1

Access-list 102 permit ip host 10.10.10.25 host 10.10.10.1

Access-list 102 permit ip host 10.10.10.26 host 10.10.10.1

Access-list 102 permit ip host 10.10.10.27 host 10.10.10.1

Access-list 102 permit ip host 10.10.10.28 host 10.10.10.1

Access-list 102 permit ip host 10.10.10.29 host 10.10.10.1

Access-list 102 permit ip host 10.10.10.30 host 10.10.10.1

Access-list 102 permit ip host 10.10.10.31 host 10.10.10.1

Access-list 102 permit ip host 10.10.10.32 host 10.10.10.1

Access-list 102 permit ip host 10.10.10.33host 10.10.10.1

Access-list 102 permit tcp 10.10.11.0 0.0.0.128 host 10.10.10.1eq 3389

Access-list 102 deny ip any host 10.10.10.1

int g0/11

ip access-group 102 in

After I have entered all the above and connected the ACL to the port it blocks all access to that server so it isn't actually looking at the ACL rules. Any ideas? Is the layer 2 switch actually capable of looking at the source address as well as the destination address?

Thanks in advance.

Adam