Cisco Support Community

ACL management question

We have an industrial environment with over 100 IE-3000 switches. We are using port-based ACLs to limit various protocols to the connected devices (fa1/1 no telnet, fa1/2 no www, fa1/3 no telnet or www, etc). The configs are pretty much the same from switch to switch and the individual ACLs work fine. The problem comes in when we do a firmware upgrade or install a new device that forces us to modify the ACLs. Doing this repeatedly over a hundred switches is tedious and time-consuming. Is there a way to declare the ACLs on a core switch (Cat 4500) and have the field switches call the instance of the ACL to apply it on the specific switch ports? I'm just trying to find an easier way to manage a bunch of individual ACLs.
