×

Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

ACL in RSM

Unanswered Question
Oct 17th, 2006
User Badges:

Hi, I work with Catalyst 4006 + RSM. My interfaces are configured as trunks, and subinterfaces for each vlan: gigabit 3.1, 3.2, 4.1, 4.2, etc. I have an ACL applied on the inbound line vty and it is work ok. But for a subinterface don't work.

Cisco Internetwork Operating System Software

IOS (tm) L3 Switch/Router Software (CAT4232-IN-M), Version 12.0(10)W5(18f)

ROM: System Bootstrap, Version 12.0(7)W5(15b) RELEASE SOFTWARE

ROM: L3 Switch/Router Software (CAT4232-IN-M), Version 12.0(25)W5(27) RELEASE SOFTWARE


Router uptime is 19 weeks, 1 day, 19 hours, 31 minutes

System restarted by power-on at 17:00:07 edt3 Sun Jun 4 2006

Running default software


cisco Cat4232L3 (R5000) processor with 57344K/8192K bytes of memory.

R5000 processor, Implementation 35, Revision 2.1

Last reset from power-on

1 FastEthernet/IEEE 802.3 interface(s)

4 Gigabit Ethernet/IEEE 802.3z interface(s)

123K bytes of non-volatile configuration memory.


16384K bytes of Flash internal SIMM (Sector size 256K).

Configuration register is 0x2

Anybody can help me?

Thks,


Paulo

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
s.jankowski Fri, 10/20/2006 - 13:50
User Badges:
  • Bronze, 100 points or more

I think the ACL type is mismatching in the subinterface

royalblues Fri, 10/20/2006 - 19:37
User Badges:
  • Green, 3000 points or more

Can you share your configurations


Narayan

paulo.s Mon, 10/23/2006 - 04:54
User Badges:

Hi Narayan,


I configured VLAN trunking on the two internal Gigabit Ethernet interfaces, from the supervisor engine as well as from the layer 3 Services module.


interface GigabitEthernet3.102

description Vlan Acesso Rede Adm SUN

encapsulation dot1Q 102

ip access-group 101 in

ip address 10.0.30.1 255.255.255.0

no ip redirects

no ip directed-broadcast

no cdp enable



access-list 101 permit ip 10.0.75.0 0.0.0.255 any log

access-list 101 permit ip host 10.0.65.16 any log

access-list 101 deny ip any any log


Thks,


Paulo Maur?cio

Actions

This Discussion