Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

ACL in 3500XL to block IPX

Hello,

If I create an ACL with one statement "permit IP any any", will this have the effect of blocking all non-IP traffic due to the implicit "deny any any" ? I would like to block all non-IP traffic, IPX in particular, on an older switch.

Dave

3 REPLIES
Hall of Fame Super Silver

Re: ACL in 3500XL to block IPX

Hello Dave,

no because you are configuring an IP focused ACL.

I don't think 3500 XL can route IPX but it can bridge IPX frames as they are valid ethernet frames.

what would be needed is an ACL that works on ethertype to describe what upper layer protocol you want to accept.

Again I don't think it is supported on C3500 XL

Hope to help

Giuseppe

Hall of Fame Super Gold

Re: ACL in 3500XL to block IPX

For starters, 3500XL does not support IP ACL regardless of IOS version. It will support MAC-based ACL.

Community Member

Re: ACL in 3500XL to block IPX

And yet I could configure this on a 3512XL running 12.0(5.4)WC1 :

Extended IP access list 101

permit ip any any

Hmmmmmmm .....

I guess the answer is that the implicit "deny any any" is in reality an implicit "deny IP any any".

I'll figure out another way, thanks for the replies.

Dave

294
Views
5
Helpful
3
Replies
CreatePlease to create content