Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Access-list issues on catalyst 6509 VLAN interface

I have configured access-lists on catalyst 6509 switch; however it's misbehaving when access allowed for specific ports. Please check the following example

interface vlan 10

ip address 172.16.100.1 255.255.255.0

ip access-group work in

ip access-list extended work

permit tcp 172.16.100.0 0.0.0.255 host 172.17.50.10 eq 3389

deny ip any any

I still can't do remote access to 172.17.50.10 using above access-lists. However it works fine using below access-list (all TCP ports allowed).

ip access-list extended work

permit tcp 172.16.100.0 0.0.0.255 host 172.17.50.10

deny ip any any

Please suggest.

132
Views
0
Helpful
0
Replies