EasyManua.ls Logo

Cisco Catalyst 2950 - Unsupported Features; Creating Standard and Extended IP Acls

Cisco Catalyst 2950
674 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
28-7
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
78-11380-12
Chapter 28 Configuring Network Security with ACLs
Configuring ACLs
Release 12.1. For detailed information about the commands, see the Cisco IOS IP and IP Routing
Command Reference, Cisco IOS Release 12.1. For a list of Cisco IOS features not supported on the
switch, see the “Unsupported Features” section on page 28-7.
Unsupported Features
The switch does not support these Cisco IOS router ACL-related features:
Non-IP protocol ACLs (see Table 28-2 on page 28-8)
Bridge-group ACLs
IP accounting
ACL support on the outbound direction
Inbound and outbound rate limiting (except with QoS ACLs)
IP packets that have a header length of less than 5 bytes
Reflexive ACLs
Dynamic ACLs (except for certain specialized dynamic ACLs used by the switch clustering feature)
ICMP-based filtering
Interior Gateway Routing Protocol (IGMP)-based filtering
Creating Standard and Extended IP ACLs
This section describes how to create switch IP ACLs. The switch tests packets against the conditions in
an access list one by one. The first match determines whether the switch accepts or rejects the packet.
Because the switch stops testing conditions after the first match, the order of the conditions is critical.
If no conditions match, the switch denies the packet.
Follow these steps to use ACLs:
Step 1 Create an ACL by specifying an access list number or name and access conditions.
Step 2 Apply the ACL to interfaces or terminal lines.
The software supports these kinds of IP access lists:
Standard IP access lists use source addresses for matching operations.
Extended IP access lists use source and destination addresses for matching operations and optional
protocol-type information for finer granularity of control.
Note MAC extended access list use source and destination MAC addresses and optional protocol type
information for matching operations. For more information, see the “Creating Named MAC Extended
ACLs” section on page 28-17.
The next sections describe access lists and the steps for using them.

Table of Contents

Other manuals for Cisco Catalyst 2950

Preview: Command Reference
Command Reference686 pages
Preview: Software Guide
Software Guide376 pages
Preview: Getting Started Guide
Getting Started Guide28 pages
Preview: Hardware Installation Guide
Hardware Installation Guide232 pages
Preview: Datasheet
Datasheet19 pages

Related product manuals