Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

VLAN/ACLS 3750

I have been trying to get ACLS working on VLANs int?s with limited success. I have version 12, advipservices ios.

The following command allows me to access 192.168.133.1 on port 25

Permit tcp any host 192.168.133.1 eq 25

The following command denies me access, the command should achieve the same???

Permit tcp host 192.168.137.55 host 192.168.133.1 eq 25

Any ideas?

Thanks

3 REPLIES
Hall of Fame Super Silver

Re: VLAN/ACLS 3750

Neal

Perhaps I do not understand correctly your question. The first access list will allow any host to access host 192.168.133.1 on TCP port 25. The second access list will allow a specific host on 192.168.137.55 to access host 192.168.133.1 on TCP port 25. So if you are on host 192.168.137.55 then the effect of the access lists is the same. If you are not on host 192.168.137.55 then the second access list denies you access.

If there is some part of the question that I have not addressed then perhaps you can clarify the question?

HTH

Rick

Hall of Fame Super Blue

Re: VLAN/ACLS 3750

Hi

If you are sure you are coming from 192.168.137.55 then yes it should work.

Are you absolutely sure this your source address ?

Jon

Edit - sorry Rick, cross posting

Super Bronze

Re: VLAN/ACLS 3750

Besides Rick's and Jon's suggestions, and since I seem to suffer from IP address and/or IP mask dyslexia, I'll either enable ACL logging or enable debug to see what's happening.

291
Views
0
Helpful
3
Replies