If this is an IOS switch: If you are trying to filter an IP address. Use ACL number between 1-99. e.g access-list 1 deny host 172.16.1.1 access-list 1 permit any
PING Christian Fredrickson wrote: > Running a Cisco switch 3548XL > Trying to block a specific IP address. The access-list looks like: > (I substituted the IP addresses) > access-list 2000 deny ip host ip_address any > access-list 2000 permit ip range.0 0.0.0.255 any > access-list 2000 deny ip any any > > All ports on this switch belong to the same VLAN and all other switches use > this switch to get to the upper layer switch and use that to get to the > router. The vlan looks like: > (I substituted the IP addresses) > interface VLAN1 > description line > ip address switch_ip 255.255.255.0 > ip access-group 2000 in > > But I can still ping the host from external addresses. Why is this ACL not > working? > > Thank you all in advance. Message Posted at: http://www.groupstudy.com/form/read.php?f=7&i=43045&t=43021 -------------------------------------------------- FAQ, list archives, and subscription info: http://www.groupstudy.com/list/cisco.html Report misconduct and Nondisclosure violations to [EMAIL PROTECTED]
