Cisco Support Community
Community Member

VLAN ACL`s

Hello All,

I would like to know whether I can define an ACL on my 3750. I would like to create an ACL which has permits for the ports and services (used by servers) which I defined, and an any any option to log to syslog. Is there any possibility to do that?

Thanks

1 ACCEPTED SOLUTION

Accepted Solutions

Re: VLAN ACL`s

Hello,

Would this help you? An extended ACL.

Here is an example. You only need to bind this ACL to an interface.

config terminal

"For all services and ports with the same ACL number"

access-list 102 permit tcp "source+wildcard" "destination+wildcard" eq "Port or service"

access-list 102 deny ip any any

best regards

Sebastian

5 REPLIES

Community Member

Re: VLAN ACL`s

Could you explain "source+wildcard" to me? I have an example: one port to one server, and I have a service on port 1233 (Veritas Backup) that must be permitted... so what must the syntax be?

best regards Maciek

Community Member

Re: VLAN ACL`s

Ooh, I think I've got the answer:

access-list access-list-number {permit | deny} protocol source source-wildcard
  [operator source-port] destination destination-wildcard [operator destination-port]
  [precedence precedence-number] [tos tos] [established] [log | log-input]

Please correct me if I'm wrong.

Re: VLAN ACL`s

That is exactly what I mean. I only tried to explain it with an example.

Here is what I would try.

access-list 102 permit tcp any 10.6.4.5 0.0.0.0 eq 1233

Sebastian
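
An added example, not part of the original thread: a small Python model of how a wildcard mask and first-match evaluation decide a packet's fate, using the permit line suggested above. The `deny ip any any log` entry and the sample packets are constructed for illustration; an explicit logged deny is used because the implicit deny at the end of an ACL produces no log message.

```python
import ipaddress

def wildcard_match(addr, base, wildcard):
    """True when addr equals base on every bit where the wildcard bit is 0."""
    a, b, w = (int(ipaddress.IPv4Address(x)) for x in (addr, base, wildcard))
    care = ~w & 0xFFFFFFFF          # 0 in the wildcard means "this bit must match"
    return (a & care) == (b & care)

def parse_entry(line):
    """Parse the subset of extended-ACL syntax used in this thread:
    access-list N {permit|deny} {tcp|udp|ip} SRC DST [eq PORT] [log]
    where SRC/DST is 'any', 'host A' or 'A WILDCARD' (numeric ports only)."""
    tok = line.split()
    entry = {"action": tok[2], "proto": tok[3], "port": None, "log": False}
    i = 4
    for side in ("src", "dst"):
        if tok[i] == "any":
            entry[side] = ("0.0.0.0", "255.255.255.255"); i += 1
        elif tok[i] == "host":
            entry[side] = (tok[i + 1], "0.0.0.0"); i += 2
        else:
            entry[side] = (tok[i], tok[i + 1]); i += 2
    if i < len(tok) and tok[i] == "eq":
        entry["port"] = int(tok[i + 1]); i += 2
    entry["log"] = "log" in tok[i:]
    return entry

def evaluate(acl, proto, src, dst, dport):
    """First matching entry wins; no match falls through to the implicit deny."""
    for e in acl:
        if e["proto"] not in ("ip", proto):
            continue
        if e["port"] is not None and e["port"] != dport:
            continue
        if wildcard_match(src, *e["src"]) and wildcard_match(dst, *e["dst"]):
            return e["action"], e["log"]
    return "deny", False            # implicit deny: dropped, never logged

# Constructed ACL: the permit line from the thread plus a logged catch-all deny.
ACL_102 = [parse_entry(l) for l in (
    "access-list 102 permit tcp any 10.6.4.5 0.0.0.0 eq 1233",
    "access-list 102 deny ip any any log",
)]

if __name__ == "__main__":
    for pkt in (("tcp", "192.0.2.10", "10.6.4.5", 1233),   # backup traffic
                ("tcp", "192.0.2.10", "10.6.4.6", 1233),   # neighbouring host
                ("udp", "192.0.2.10", "10.6.4.5", 1233)):  # wrong protocol
        print(pkt, "->", evaluate(ACL_102, *pkt))
```

The wildcard `0.0.0.0` pins all 32 bits, so only 10.6.4.5 itself is permitted; a wildcard of `0.0.0.255` on `10.6.4.0` would instead cover the whole /24.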

Community Member

Re: VLAN ACL`s

Thanks for your great help :)
