28-23
Catalyst 2950 and Catalyst 2955 Switch Software Configuration Guide
78-11380-12
Chapter 28 Configuring Network Security with ACLs
Examples for Compiling ACLs
Examples for Compiling ACLs
For detailed information about compiling ACLs, see the Security Configuration Guide and the “IP
Services” chapter of the Cisco IOS IP and IP Routing Configuration Guide, Cisco IOS Release 12.1.
Figure 28-2 shows a small networked office with a number of switches that are connected to a Cisco
router. A host is connected to the network through the Internet using a WAN link.
Use switch ACLs to do these:
• Create a standard ACL, and filter traffic from a specific Internet host with an address 172.20.128.64.
• Create an extended ACL, and filter traffic to deny HTTP access to all Internet hosts but allow all
other types of access.
Figure 28-2 Using Switch ACLs to Control Traffic
This example uses a standard ACL to allow access to a specific Internet host with the address
172.20.128.64.
Switch(config)# access-list 6 permit 172.20.128.64 0.0.0.0
Switch(config)# end
Switch(config)# interface gigabitethernet0/1
Switch(config-if)# ip access-group 6 in
Cisco router
Workstation
End
workstations
65289
Internet
To Next Page
Loading...
