отмена
Отображаются результаты для 
Вместо этого искать 
Вы имели в виду: 
Объявления
Добро пожаловать в Сообщество Технической поддержки Cisco. Мы рады получить обратную связь .
New Member

Cisco 2960 Port ACL

Добрый день, на нескольких форумах пытался найти ответ - безрезультатно, вся надежда на вас! :)

Есть cisco 2960:

500-switch>show ver 
Cisco IOS Software, C2960 Software (C2960-LANBASE-M), Version 12.2(35)SE5, RELEASE SOFTWARE (fc1)
Copyright (c) 1986-2007 by Cisco Systems, Inc.
Compiled Thu 19-Jul-07 20:06 by nachen
Image text-base: 0x00003000, data-base: 0x00D40000

ROM: Bootstrap program is C2960 boot loader
BOOTLDR: C2960 Boot Loader (C2960-HBOOT-M) Version 12.2(25r)SEE6, RELEASE SOFTWARE (fc1)

500-switch uptime is 20 hours, 2 minutes
System returned to ROM by power-on
System image file is "flash:c2960-lanbase-mz.122-35.SE5/c2960-lanbase-mz.122-35.SE5.bin"

cisco WS-C2960-24TT-L (PowerPC405) processor (revision F0) with 61440K/4088K bytes of memory.
Processor board ID FOC1233Y0U7
Last reset from power-on
1 Virtual Ethernet interface
24 FastEthernet interfaces
2 Gigabit Ethernet interfaces
The password-recovery mechanism is enabled.

64K bytes of flash-simulated non-volatile configuration memory.
Base ethernet MAC Address       : 00:22:BE:F3:13:00
Motherboard assembly number     : 73-11473-05
Power supply part number        : 341-0097-02
Motherboard serial number       : FOC12325B80
Power supply serial number      : DCA12288976
Model revision number           : F0
Motherboard revision number     : A0
Model number                    : WS-C2960-24TT-L
System serial number            : FOC1233Y0U7
Top Assembly Part Number        : 800-29859-02
Top Assembly Revision Number    : A0
Version ID                      : V05
CLEI Code Number                : COM3L00BRD
Hardware Board Revision Number  : 0x01


Switch   Ports  Model              SW Version              SW Image
------   -----  -----              ----------              ----------
*    1   26     WS-C2960-24TT-L    12.2(35)SE5             C2960-LANBASE-M


Configuration register is 0xF

схема сети:
есть корпус из 5-ти этажей(на самом деле 3 корпуса, но смысл такой-же), каждый этаж - подсеть 192,168,21-25.1-х
все входит в эту циску, дальше идет с циски шнурок в другой роутер, который неуправляемый, оттуда в сервак и в инет.

строю access-list чтобы пропускал только определенные ip на портах, но что-то пускает все что не идет.

вот конфиг:

! 
version 12.2
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname 500-switch
!
enable secret 5 $1$/WQ7$ARWSO5XzUqbMWq8OjOtlt0
enable password cisco
!
no aaa new-model
clock timezone EET 2
system mtu routing 1500
ip subnet-zero
!
!
!
!
no file verify auto
spanning-tree mode pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
interface FastEthernet0/1
 ip access-group 1 in
!
interface FastEthernet0/2
 ip access-group 2 in
!
interface FastEthernet0/3
 ip access-group 3 in
!
interface FastEthernet0/4
 ip access-group 4 in
!
interface FastEthernet0/5
 ip access-group 5 in
!
interface FastEthernet0/6
 ip access-group 6 in
!
interface FastEthernet0/7
 ip access-group 7 in
!
interface FastEthernet0/8
!
interface FastEthernet0/9
!
interface FastEthernet0/10
!
interface FastEthernet0/11
!
interface FastEthernet0/12
!
interface FastEthernet0/13
!
interface FastEthernet0/14
!
interface FastEthernet0/15
!
interface FastEthernet0/16
!
interface FastEthernet0/17
!
interface FastEthernet0/18
!
interface FastEthernet0/19
!
interface FastEthernet0/20
!
interface FastEthernet0/21
!
interface FastEthernet0/22
!
interface FastEthernet0/23
 description 258
 speed 100
!
interface FastEthernet0/24
!
interface GigabitEthernet0/1
!
interface GigabitEthernet0/2
!
interface Vlan1
 ip address 192.168.0.5 255.255.0.0
 no ip route-cache
!
ip default-gateway 192.168.0.7
ip http server
access-list 1 permit 192.168.32.8
access-list 1 permit 192.168.33.9
access-list 1 permit 192.168.32.9
access-list 1 permit 192.168.33.8
access-list 1 permit 192.168.32.10
access-list 1 permit 192.168.33.11
access-list 1 permit 192.168.32.11
access-list 1 permit 192.168.33.10
access-list 1 permit 192.168.32.12
access-list 1 permit 192.168.33.13
access-list 1 permit 192.168.32.13
access-list 1 permit 192.168.33.12
access-list 1 permit 192.168.32.14
access-list 1 permit 192.168.33.15
access-list 1 permit 192.168.32.15
access-list 1 permit 192.168.33.14
access-list 1 permit 192.168.33.1
access-list 1 permit 192.168.32.1
access-list 1 permit 192.168.32.2
access-list 1 permit 192.168.33.3
access-list 1 permit 192.168.32.3
access-list 1 permit 192.168.33.2
access-list 1 permit 192.168.32.4
access-list 1 permit 192.168.33.5
access-list 1 permit 192.168.32.5
access-list 1 permit 192.168.33.4
access-list 1 permit 192.168.32.6
access-list 1 permit 192.168.33.7
access-list 1 permit 192.168.32.7
access-list 1 permit 192.168.33.6
access-list 1 permit 192.168.32.24
access-list 1 permit 192.168.33.25
access-list 1 permit 192.168.32.25
access-list 1 permit 192.168.33.24
access-list 1 permit 192.168.33.27
access-list 1 permit 192.168.33.26
access-list 1 permit 192.168.33.29
access-list 1 permit 192.168.33.28
access-list 1 permit 192.168.33.30
access-list 1 permit 192.168.32.16
access-list 1 permit 192.168.33.17
access-list 1 permit 192.168.32.17
access-list 1 permit 192.168.33.16
access-list 1 permit 192.168.32.18
access-list 1 permit 192.168.33.19
access-list 1 permit 192.168.32.19
access-list 1 permit 192.168.33.18
access-list 1 permit 192.168.32.20
access-list 1 permit 192.168.33.21
access-list 1 permit 192.168.32.21
access-list 1 permit 192.168.33.20
access-list 1 permit 192.168.32.22
access-list 1 permit 192.168.33.23
access-list 1 permit 192.168.32.23
access-list 1 permit 192.168.33.22
access-list 1 permit 192.168.31.20
access-list 1 permit 192.168.31.19
access-list 1 permit 192.168.31.18
access-list 1 permit 192.168.31.17
access-list 1 permit 192.168.31.16
access-list 1 permit 192.168.31.7
access-list 1 permit 192.168.31.6
access-list 1 permit 192.168.31.5
access-list 1 permit 192.168.31.4
access-list 1 permit 192.168.31.3
access-list 1 permit 192.168.31.2
access-list 1 permit 192.168.31.1
access-list 1 permit 192.168.31.15
access-list 1 permit 192.168.31.14
access-list 1 permit 192.168.31.13
access-list 1 permit 192.168.31.12
access-list 1 permit 192.168.31.11
access-list 1 permit 192.168.31.10
access-list 1 permit 192.168.31.9
access-list 1 permit 192.168.31.8
access-list 2 permit 192.168.21.20
access-list 2 permit 192.168.21.17
access-list 2 permit 192.168.21.16
access-list 2 permit 192.168.21.19
access-list 2 permit 192.168.21.18
access-list 2 permit 192.168.21.13
access-list 2 permit 192.168.21.12
access-list 2 permit 192.168.21.15
access-list 2 permit 192.168.21.14
access-list 2 permit 192.168.21.9
access-list 2 permit 192.168.21.8
access-list 2 permit 192.168.21.11
access-list 2 permit 192.168.21.10
access-list 2 permit 192.168.21.5
access-list 2 permit 192.168.21.4
access-list 2 permit 192.168.21.7
access-list 2 permit 192.168.21.6
access-list 2 permit 192.168.21.1
access-list 2 permit 192.168.21.3
access-list 2 permit 192.168.21.2
access-list 3 permit 192.168.22.8
access-list 3 permit 192.168.22.6
access-list 3 permit 192.168.22.7
access-list 3 permit 192.168.22.4
access-list 3 permit 192.168.22.5
access-list 3 permit 192.168.22.2
access-list 3 permit 192.168.22.3
access-list 3 permit 192.168.22.1
access-list 4 permit 192.168.23.30
access-list 4 permit 192.168.23.29
access-list 4 permit 192.168.23.28
access-list 4 permit 192.168.23.27
access-list 4 permit 192.168.23.26
access-list 4 permit 192.168.23.25
access-list 4 permit 192.168.23.24
access-list 4 permit 192.168.23.23
access-list 4 permit 192.168.23.22
access-list 4 permit 192.168.23.21
access-list 4 permit 192.168.23.20
access-list 4 permit 192.168.23.19
access-list 4 permit 192.168.23.18
access-list 4 permit 192.168.23.17
access-list 4 permit 192.168.23.16
access-list 4 permit 192.168.23.15
access-list 4 permit 192.168.23.14
access-list 4 permit 192.168.23.13
access-list 4 permit 192.168.23.12
access-list 4 permit 192.168.23.11
access-list 4 permit 192.168.23.10
access-list 4 permit 192.168.23.9
access-list 4 permit 192.168.23.8
access-list 4 permit 192.168.23.7
access-list 4 permit 192.168.23.6
access-list 4 permit 192.168.23.5
access-list 4 permit 192.168.23.4
access-list 4 permit 192.168.23.3
access-list 4 permit 192.168.23.2
access-list 4 permit 192.168.23.1
access-list 5 permit 192.168.24.1
access-list 5 permit 192.168.24.2
access-list 5 permit 192.168.24.3
access-list 5 permit 192.168.24.4
access-list 5 permit 192.168.24.5
access-list 5 permit 192.168.24.6
access-list 5 permit 192.168.24.7
access-list 5 permit 192.168.24.8
access-list 5 permit 192.168.24.9
access-list 5 permit 192.168.24.10
access-list 5 permit 192.168.24.11
access-list 5 permit 192.168.24.12
access-list 5 permit 192.168.24.13
access-list 5 permit 192.168.24.14
access-list 5 permit 192.168.24.15
access-list 6 permit 192.168.25.1
access-list 6 permit 192.168.25.3
access-list 6 permit 192.168.25.2
access-list 6 permit 192.168.25.5
access-list 6 permit 192.168.25.4
access-list 6 permit 192.168.25.7
access-list 6 permit 192.168.25.6
access-list 6 permit 192.168.25.9
access-list 6 permit 192.168.25.8
access-list 6 permit 192.168.25.11
access-list 6 permit 192.168.25.10
access-list 6 permit 192.168.25.13
access-list 6 permit 192.168.25.12
access-list 6 permit 192.168.25.15
access-list 6 permit 192.168.25.14
access-list 7 permit 192.168.12.36
access-list 7 permit 192.168.12.37
access-list 7 permit 192.168.12.38
access-list 7 permit 192.168.12.39
access-list 7 permit 192.168.12.32
access-list 7 permit 192.168.12.33
access-list 7 permit 192.168.12.34
access-list 7 permit 192.168.12.35
access-list 7 permit 192.168.12.44
access-list 7 permit 192.168.12.45
access-list 7 permit 192.168.12.46
access-list 7 permit 192.168.12.47
access-list 7 permit 192.168.12.40
access-list 7 permit 192.168.12.41
access-list 7 permit 192.168.12.42
access-list 7 permit 192.168.12.43
access-list 7 permit 192.168.12.48
access-list 7 permit 192.168.12.49
access-list 7 permit 192.168.12.50
access-list 7 permit 192.168.11.3
access-list 7 permit 192.168.12.4
access-list 7 permit 192.168.11.2
access-list 7 permit 192.168.12.5
access-list 7 permit 192.168.11.1
access-list 7 permit 192.168.12.6
access-list 7 permit 192.168.12.7
access-list 7 permit 192.168.11.7
access-list 7 permit 192.168.11.6
access-list 7 permit 192.168.12.1
access-list 7 permit 192.168.11.5
access-list 7 permit 192.168.12.2
access-list 7 permit 192.168.11.4
access-list 7 permit 192.168.12.3
access-list 7 permit 192.168.11.11
access-list 7 permit 192.168.12.12
access-list 7 permit 192.168.11.10
access-list 7 permit 192.168.12.13
access-list 7 permit 192.168.11.9
access-list 7 permit 192.168.12.14
access-list 7 permit 192.168.11.8
access-list 7 permit 192.168.12.15
access-list 7 permit 192.168.11.15
access-list 7 permit 192.168.12.8
access-list 7 permit 192.168.11.14
access-list 7 permit 192.168.12.9
access-list 7 permit 192.168.11.13
access-list 7 permit 192.168.12.10
access-list 7 permit 192.168.11.12
access-list 7 permit 192.168.12.11
access-list 7 permit 192.168.11.19
access-list 7 permit 192.168.12.20
access-list 7 permit 192.168.11.18
access-list 7 permit 192.168.12.21
access-list 7 permit 192.168.11.17
access-list 7 permit 192.168.12.22
access-list 7 permit 192.168.11.16
access-list 7 permit 192.168.12.23
access-list 7 permit 192.168.11.23
access-list 7 permit 192.168.12.16
access-list 7 permit 192.168.11.22
access-list 7 permit 192.168.12.17
access-list 7 permit 192.168.11.21
access-list 7 permit 192.168.12.18
access-list 7 permit 192.168.11.20
access-list 7 permit 192.168.12.19
access-list 7 permit 192.168.11.27
access-list 7 permit 192.168.12.28
access-list 7 permit 192.168.11.26
access-list 7 permit 192.168.12.29
access-list 7 permit 192.168.11.25
access-list 7 permit 192.168.12.30
access-list 7 permit 192.168.11.24
access-list 7 permit 192.168.12.31
access-list 7 permit 192.168.12.24
access-list 7 permit 192.168.11.30
access-list 7 permit 192.168.12.25
access-list 7 permit 192.168.11.29
access-list 7 permit 192.168.12.26
access-list 7 permit 192.168.11.28
access-list 7 permit 192.168.12.27
!
control-plane
!
!
line con 0
line vty 0 4
 password jkjkjkjkj
 login
line vty 5 15
 login
!
end

не пойму почему не работает :( подскажите, гуру

Теги (2)
110
Просмотры
0
Полезный материал
0
Ответы
СоздатьДля создания публикации, пожалуйста в систему