Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
646
Views
5
Helpful
8
Replies

About 2950 acl configuration

xbw
Level 1
Level 1

‎11-16-2005 07:41 PM - edited ‎03-03-2019 12:49 AM

I have a c2950 and want to config acl. I enter INTERFACE MODE and issue IP ACCESS-GROUP command ,But system prompt no this command . how can I do. Please help me . Issuing show ver command.Message as fallows.

Cisco Internetwork Operating System Software

IOS (tm) C2950 Software (C2950-I6K2L2Q4-M), Version 12.1(22)EA6, RELEASE SOFTWARE (fc1)

Copyright (c) 1986-2005 by cisco Systems, Inc.

Compiled Fri 21-Oct-05 02:22 by yenanh

Image text-base: 0x80010000, data-base: 0x80676000

ROM: Bootstrap program is C2950 boot loader

tycib_sw29_f2office2 uptime is 3 minutes

System returned to ROM by power-on

System image file is "flash:/c2950-i6k2l2q4-mz.121-22.EA6.bin"

This product contains cryptographic features and is subject to United

States and local country laws governing import, export, transfer and

use. Delivery of Cisco cryptographic products does not imply

third-party authority to import, export, distribute or use encryption.

Importers, exporters, distributors and users are responsible for

compliance with U.S. and local country laws. By using this product you

agree to comply with applicable laws and regulations. If you are unable

to comply with U.S. and local laws, return this product immediately.

A summary of U.S. laws governing Cisco cryptographic products may be found at:

http://www.cisco.com/wwl/export/crypto/tool/stqrg.html

If you require further assistance please contact us by sending email to

export@cisco.com.

cisco WS-C2950-24 (RC32300) processor (revision R0) with 19973K bytes of memory.

Processor board ID FOC0935Z7SN

Last reset from system-reset

Running Standard Image

24 FastEthernet/IEEE 802.3 interface(s)

32K bytes of flash-simulated non-volatile configuration memory.

Base ethernet MAC Address: 00:15:62:63:5D:C0

Motherboard assembly number: 73-5781-13

Power supply part number: 34-0965-01

Motherboard serial number: FOC09343GDK

Power supply serial number: DAB0930DP48

Model revision number: R0

Motherboard revision number: A0

Model number: WS-C2950-24

System serial number: FOC0935Z7SN

Configuration register is 0xF

Labels:
0 Helpful
8 Replies 8

amit-singh
Level 8
Level 8

‎11-16-2005 09:05 PM

Hi There,

Your switch WS-C2950-24, is a switch with standard image i.e SMI. This image doenot support ACL's and that's why its not working. You should have a 2950 with EMI to run ACLs. This switch is not upgradable to EMI so you really cannot use ACLs on this :(.

http://www.cisco.com/en/US/products/hw/switches/ps628/products_data_sheet09186a00801cfb71.html

regards,

-amit singh

ankurbhasin
Level 9
Level 9

‎11-16-2005 09:20 PM

Hi XBW,

On which interface you are tying to apply the ACL.

Also I hope you might have tried the whole command "ip access-group in"

Can you post the output of error which you get when you try to apply ths command.

Regards,

Ankur

0 Helpful

xbw
Level 1
Level 1
In response to ankurbhasin

‎11-16-2005 10:33 PM

I upgraded my c2950 image. AS fallows:

.................................

System image file is "flash:/c2950-i6k2l2q4-mz.121-22.EA6.bin"

.................................

Last reset from system-reset

Running Standard Image

0 Helpful

xbw
Level 1
Level 1
In response to ankurbhasin

‎11-16-2005 10:37 PM

I upgraded my c2950 image. AS fallows:

.................................

System image file is "flash:/c2950-i6k2l2q4-mz.121-22.EA6.bin"

.................................

Last reset from system-reset

Running Standard Image

.....................................

please see my detail configurations in attachments.

0 Helpful

xbw
Level 1
Level 1
In response to xbw

‎11-16-2005 11:10 PM

please see my detail configurations in attachments

2894-tycib_sw29_f2office2.log
0 Helpful

Georg Pauwen
VIP
VIP
In response to xbw

‎11-16-2005 11:30 PM

Hello,

I think your problem might be the ´log´ option at the end of your access list. The ´log´ option is not supported on the switches, can you try and remove it, and then apply the access list inbound again ?

Regards,

GP

0 Helpful

xbw
Level 1
Level 1
In response to Georg Pauwen

‎11-17-2005 01:51 AM

I remove the "log" option.but without avail.As follows:

tycib_sw29_f2office2#config t

Enter configuration commands, one per line. End with CNTL/Z.

tycib_sw29_f2office2#access-list 100 permit ip 192.168.2.0 0.0.0.255 192.168.1.0 0.0.0.255

tycib_sw29_f2office2(config)#int f0/1

tycib_sw29_f2offic(config-if)#ip access-group 12 in

^

% Invalid input detected at '^' marker.

Please help me!

0 Helpful

Georg Pauwen
VIP
VIP
In response to xbw

‎11-17-2005 03:47 AM

Hello,

reading though the entire post, I saw that the very first post from Amith already gave the answer: no ACL support on the SI image, and the switch is not upgradable...

Catalyst 2950 Series Q&A

http://www.cisco.com/en/US/products/hw/switches/ps628/products_qanda_item09186a008009258e.shtml

Regards,

GP

0 Helpful
Customers Also Viewed These Support Documents