Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

3550 problem

Hi, i´m using a 3550 - 12G switch router as a core switch at my companys office, i have configure a series of vlan and the switch is making intervlan routing by default, the problem is that a i need to setup per vlan security, the classic extended acl´s are not an option because the scenario needs to have all vlan outbound traffic open and the inbound traffic restricted with just some ports open (www, ftp, Databases, ssh, etc.), i have tryed with reflexive acl but 3550 doesn´t support this feature neither CBAC and this is an urgent case. What can I do??

1 x Cisco 3550 - 12G (EMI) (core - InterVLAN Routing)

10 x Cisco 2950-SX Access Switch

3 x Cisco 2950-T Access Switch


Re: 3550 problem


I think Reflective ACL is not available for Cat3550-12G.

Chechk the IOS feature you're looking at:

*CCO login required

The nearest hit is Time-based ACL, but probably not but relevant. Anyway, you can try to play around with it and see if you can make use of the time restriction features to allow/control any incoming access (via address), e.g allow any incoming access/traffic/addresses for maximum hours (based on time), and only deny incoming for 1 min (just an idea). Other options probably not really useful.

Hope this helps.



New Member

Re: 3550 problem

Look into VACLs which is programmable in a 3550..

CreatePlease login to create content