EasyManuals Logo

Cisco 2950 - Catalyst Switch User Manual

Cisco 2950 - Catalyst Switch
710 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #540 background imageLoading...
Page #540 background image
29-6
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
78-11380-10
Chapter 29 Configuring Network Security with ACLs
Configuring ACLs
All ACEs in an ACL must have the same user-defined mask. However, ACEs can have different rules
that use the same mask. On a given interface, only one type of user-defined mask is allowed, but you
can apply any number of system-defined masks. For more information on system-defined masks, see
the Understanding Access Control Parameters section on page 29-4.
This example shows the same mask in an ACL:
Switch (config)# ip access-list extended acl2
Switch (config-ext-nacl)# permit tcp 10.1.1.1 0.0.0.0 any eq 80
Switch (config-ext-nacl)# permit tcp 20.1.1.1 0.0.0.0 any eq 23
In this example, the first ACE permits all the TCP packets coming from host 10.1.1.1 with a
destination TCP port number of 80. The second ACE permits all TCP packets coming from host
20.1.1.1 with a destination TCP port number of 23. Both the ACEs use the same mask; therefore, a
switch supports this ACL.
When you apply an ACL to a physical interface, some keywords are not supported and certain mask
restrictions apply to the ACLs. See the Creating a Numbered Standard ACL section on page 29-9
and the Creating a Numbered Extended ACL section on page 29-10 for creating these ACLs.
Note You can also apply ACLs to a management interface without the above limitations. For information, refer
to the Configuring IP Services section of the Cisco IOS IP and IP Routing Configuration Guide, Cisco
IOS Release 12.1 and the Cisco IOS IP and IP Routing Command Reference, Cisco IOS Release 12.1.
Configuring ACLs
This section includes these topics:
Unsupported Features section on page 29-7
Creating Standard and Extended IP ACLs section on page 29-7
Creating Named MAC Extended ACLs section on page 29-18
Creating MAC Access Groups section on page 29-19
Configuring ACLs on a Layer 2 interface is the same as configuring ACLs on Cisco routers. The process
is briefly described here. For more detailed information about configuring router ACLs, refer to the
Configuring IP Services chapter in the Cisco IP and IP Routing Configuration Guide, Cisco IOS
Release 12.1. For detailed information about the commands, refer to the Cisco IOS IP and IP Routing
Command Reference, Cisco IOS Release 12.1. For a list of Cisco IOS features not supported on the
switch, see the Unsupported Features section on page 29-7.

Table of Contents

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco 2950 - Catalyst Switch and is the answer not in the manual?

Cisco 2950 - Catalyst Switch Specifications

General IconGeneral
Forwarding Rate6.6 Mpps
Jumbo Frame SupportNo
Weight8.8 lbs (4 kg)
RAM16 MB
Flash Memory8 MB
ManageableYes
Form FactorRack-mountable
Ports24 Ethernet 10/100 ports
Uplink Ports2 x 10/100/1000Base-T ports
VLANs250
MAC Address Table Size8000
Power Supply100-240 VAC, 50-60 Hz
Dimensions4.4 cm x 44.5 cm x 24.2 cm
Operating Temperature0 to 40 °C (32 to 104 °F)
Storage Temperature-25 to 70 °C (-13 to 158 °F)
Operating Humidity10% to 85% (non-condensing)
Storage Humidity5% to 95% (non-condensing)

Related product manuals