  1. #1
    Join Date
    Jun 2005
    Location
    Texas, USA!!!
    Posts
    11

    Cisco WS-C2924C-XL-EN ACL Question

    Hello,
    I was wondering if anyone has successfully used the ACLs on a 2900 series switch. I see all of the options and very little explanation on the Cisco site about this.

    I have tried it, but every time I apply the ACL to the VLAN it seems to lock me out of telnet, even if my ACL reads something simple like access-list 1 deny 1.1.1.1; access-list 1 permit any

    Any ideas?

  2. #2
    Join Date
    Jul 2004
    Location
    Manchester, UK
    Posts
    2,130
    Sorry, don't know....but welcome to WHT anyway!
    Our greatest glory is not in never falling, but in rising every time we fall. - Confucius

  3. #3
    Join Date
    Jan 2004
    Location
    Texas
    Posts
    1,556
    I've never applied an access list to a 2900; I always apply them further upstream. Have you tried:

    access-list # deny ip host 1.2.3.4 any
    access-list # permit ip any any

    Also, here's a couple of links to help you understand Cisco ACLs.

    http://www.ja.net/CERT/JANET-CERT/pr...isco_acls.html

    http://www.networkclue.com/routing/C...ists/index.php

    Hope it helps.
    James Lumby

  4. #4
    Join Date
    Jun 2005
    Location
    Texas, USA!!!
    Posts
    11

  5. #5
    Never tried on a 2900. Have you tried setting the first ACL for your IP to allow telnet, then setting the rest? I am wondering if the IOS on that switch is a little different or corrupted and it is reading in order and automatically denying you.

  6. #6
    Join Date
    Jun 2005
    Location
    Texas, USA!!!
    Posts
    11

  7. #7
    Join Date
    Oct 2004
    Location
    Portland, OR
    Posts
    176
    Code:
    access-list 1 permit 192.168.5.1
    access-list 1 permit 192.168.6.0 0.0.0.255
    access-list 1 deny   any
    That would allow the 192.168.6 /24 and 192.168.5.1, and block everything else.

    You may need to specify 'access-class 1 in' for line vty 0 to 15:

    Code:
    line vty 0 4
     access-class 1 in
     login
     password 7 <encrypted pass>
    line vty 5 15
     access-class 1 in
     login
     password 7 <encrypted pass>
    Fork Networking - 1995-2010+
    Colocation & Dedicated Hosting
    West Coast, 99.999% uptime.
    <www.forked.net>
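
Added example, not part of any post in this thread: a small Python model of how a numbered standard ACL is evaluated (top-down, first match wins, wildcard-mask bits set to 1 are ignored, implicit deny at the end), run against the ACLs quoted in posts #1 and #7. The function names and the test source addresses are constructed for illustration; checking your own management address this way before applying an ACL to the vty lines shows whether it would be permitted.

```python
import ipaddress

# ACLs as quoted in the thread (post #1 and post #7).
ACL_POST_1 = "access-list 1 deny 1.1.1.1\naccess-list 1 permit any"
ACL_POST_7 = """access-list 1 permit 192.168.5.1
access-list 1 permit 192.168.6.0 0.0.0.255
access-list 1 deny   any"""

def parse_standard_acl(config):
    """Parse 'access-list <n> permit|deny <src> [wildcard]' lines into rules."""
    rules = []
    for line in config.splitlines():
        tok = line.split()
        if len(tok) < 4 or tok[0] != "access-list":
            continue
        action, src = tok[2], tok[3]
        if src == "any":
            addr, wild = 0, 0xFFFFFFFF          # every bit is "don't care"
        else:
            if src == "host":                   # 'host a.b.c.d' form
                src, wc = tok[4], "0.0.0.0"
            else:                               # no wildcard given = exact host
                wc = tok[4] if len(tok) > 4 else "0.0.0.0"
            addr = int(ipaddress.IPv4Address(src))
            wild = int(ipaddress.IPv4Address(wc))
        rules.append((action, addr, wild))
    return rules

def evaluate(rules, source_ip):
    """Return (action, rule_index); rule_index None means the implicit deny hit."""
    ip = int(ipaddress.IPv4Address(source_ip))
    for i, (action, addr, wild) in enumerate(rules):
        care = ~wild & 0xFFFFFFFF               # bits that must match
        if (ip & care) == (addr & care):
            return action, i                    # first match wins
    return "deny", None                         # nothing matched

def audit(config, sources):
    """Map each source address to the action the ACL would take."""
    rules = parse_standard_acl(config)
    return {ip: evaluate(rules, ip)[0] for ip in sources}

if __name__ == "__main__":
    # Constructed source addresses, e.g. candidate management stations.
    sources = ["192.168.5.1", "192.168.6.200", "192.168.5.2", "1.1.1.1"]
    for name, acl in (("post #1", ACL_POST_1), ("post #7", ACL_POST_7)):
        print(name, audit(acl, sources))
```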

  8. #8
    Join Date
    Jun 2005
    Location
    Texas, USA!!!
    Posts
    11
