Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

C4K ACLs

I'm trying to apply an ACL to an access-layer interface on a Catalyst 4500 running 12.2(50)SG

The ACL looks emphatic to me ... but in fact, it has no effect on traffic -- the end-station attached to this interface is unaffected and can ping, query DNS, etc.

test-esx#sh ip access-list block-all

Standard IP access list block-all

10 deny any

test-esx#

test-esx#sh run int Gi4/48

Building configuration...

Current configuration : 199 bytes

!

interface GigabitEthernet4/48

switchport access vlan 74

switchport mode access

ip access-group block-all in

ip access-group block-all out

spanning-tree portfast

spanning-tree guard none

end

test-esx#

Is this function supported? i.e. would we expect a C4K to be able to filter IP traffic on physical interfaces?

--sk

Stuart Kendrick

FHCRC

2 REPLIES

Re: C4K ACLs

Stuart,

Is there another ACL applied for VLAN 74 ? AFAIK MAC ACLs will take precedence over L3 ACL if both configured at same time.

Sam

New Member

Re: C4K ACLs

Ah, turns out my error ... wrong interface. --sk

107
Views
0
Helpful
2
Replies