EasyManuals Logo

Cisco Catalyst 3750 Software Configuration Guide

Cisco Catalyst 3750
926 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #462 background imageLoading...
Page #462 background image
25-20
Catalyst 3750 Metro Switch Software Configuration Guide
78-15870-01
Chapter 25 Configuring Network Security with ACLs
Configuring IP ACLs
Router ACLs function as follows:
The hardware controls permit and deny actions of standard and extended ACLs (input and output)
for security access control.
If log has not been specified, the flows that match a deny statement in a security ACL are dropped
by the hardware if ip unreachables is disabled. The flows matching a permit statement are switched
in hardware.
Adding the log keyword to an ACE in a router ACL causes a copy of the packet to be sent to the
CPU for logging only. If the ACE is a permit statement, the packet is still switched and routed
in hardware.
IP ACL Configuration Examples
This section provides examples of configuring and applying IP ACLs. For detailed information about
compiling ACLs, refer to the Security Configuration Guide and the “IP Services” chapter of the Cisco
IOS IP and IP Routing Configuration Guide for IOS Release 12.1.
Figure 25-3 shows a small networked office environment with the routed Port 2 connected to Server A,
containing benefits and other information that all employees can access, and routed Port 1 connected to
Server B, containing confidential payroll data. All users can access Server A, but Server B has restricted
access.
Use router ACLs to do this in one of two ways:
Create a standard ACL, and filter traffic coming to the server from Port 1.
Create an extended ACL, and filter traffic coming from the server into Port 1.
Figure 25-3 Using Router ACLs to Control Traffic
Server A
Benefits
Server B
Payroll
Port 2 Port 1
Accounting
172.20.128.64-95
Human Resources
172.20.128.0-31
101354

Table of Contents

Other manuals for Cisco Catalyst 3750

Preview: Command Reference
Command Reference1154 pages
Preview: Getting Started Guide
Getting Started Guide32 pages
Preview: Hardware Installation Guide
Hardware Installation Guide230 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco Catalyst 3750 and is the answer not in the manual?

Cisco Catalyst 3750 Specifications

General IconGeneral
Device TypeSwitch
Switching Capacity32 Gbps
Forwarding Rate38.7 Mpps
Stacking Bandwidth32 Gbps
RAM128 MB
Jumbo Frame SupportYes
Switch TypeManaged
ModelCatalyst 3750 Series
Uplink InterfacesSFP
Form FactorRack-mountable
MAC Address Table Size12, 000 entries
Routing ProtocolRIP, OSPF, EIGRP
Remote Management ProtocolSNMP, Telnet, HTTP
FeaturesLayer 3 switching, Layer 2 switching, auto-negotiation, BOOTP support, ARP support, VLAN support, auto-uplink (auto MDI/MDI-X), IGMP snooping, traffic shaping, MAC address filtering, Quality of Service (QoS), Jumbo Frames support, MLD snooping, Dynamic ARP Inspection (DAI), Cisco EnergyWise technology
Power over Ethernet (PoE)PoE
Operating Temperature-5 - 45 °C
Operating Humidity10% to 85% non-condensing

Related product manuals