Linux -Blue forest free software | Return to home page | Site Map | Search WWW | Contact Us |
Your current position : Homepage > Free Software > Technological exchanges >Network Communication


    

Blue Forest http://www.lslnet.com at 13:28 on July 26, 2006

2950 : help the poor with acl


I vlan months in 2950 under the plan, made after a acl then linked to the expansion of the vlan just under painting. Vlan acl result of the lack of any role. Please advise! ! ! ! !

Out on the distribution of stickers

Interface FastEthernet0/4
!
Interface FastEthernet0/5
!
Interface FastEthernet0/6
!
Interface FastEthernet0/7
!
Interface FastEthernet0/8
Switchport access vlan 3
!
Interface FastEthernet0/9
!
Interface FastEthernet0/10
!
Interface FastEthernet0/11
!
Interface FastEthernet0/12
!
Interface FastEthernet0/13
!
Interface FastEthernet0/14
!
Interface FastEthernet0/15
!
Interface FastEthernet0/16
Switchport access vlan 2
Switchport mode access
!
Interface FastEthernet0/17
Switchport access vlan 2
Switchport mode access
!
Interface FastEthernet0/18
!
Interface FastEthernet0/19
!
Interface FastEthernet0/20
!
Interface FastEthernet0/21
!
Interface FastEthernet0/22
!
Interface FastEthernet0/23
!
Interface FastEthernet0/24
!
Interface Vlan1
No ip address
Ip 1 in access-group
No ip route-cache
Shutdown
!
Interface Vlan2
Ip address 100.100.101.23 255.255.255.0
Ip access-group 2100 out
No ip route-cache
!
Interface Vlan5
No ip address
No ip route-cache
Shutdown
!
Ip http server
Access-list 2100 deny any any icmp
Access-list 2100 deny ip any any log
!
Line con 0
Line vty 0 4
Login
Line vty 5 15
Login
!
!
End
I put the test to vlan 2 16 17 paintings, in an extended visit vlan2 linked to the table under the 2100 reform was supposed to be 16 and 17 links of ping each other can still be of ping nowhere.

I am vegetables and did not know right or wrong. But if you want 16, 17 mutual communication, we should not deny? I feel no need to repeat the list ah visit

No three-functional equipment to achieve

This is 2950 1000M support acl released on the website http://www.ciscochina.com/news_show.asp?id=464

As long as they can be written on the support, and support should not be simply written

Initially issued by truenetwork
This is 2950 1000M support acl released on the website http://www.ciscochina.com/news_show.asp?id=464

2950 pacl support, but you misused it. Of course that will not work.

Put acl used in port, it is not used on the vlan.

This test
Int fa 5-8
Ip access-group 2100 out
Ip access-list extended 2100
Deny any any icmp
They should not deny ip any any log

Thank you, I would try

Initially issued by da_zhi
This test
Int fa 5-8
Ip access-group 2100 out
Ip access-list extended 2100
Deny any any icmp
They should not deny ip any any log

Pacl does not support "out."

2950 adapter does not support acl

Initially issued by truenetwork
2950 adapter does not support acl

EI 2950 with ios support pacl in physical interface.

What is EI?

Ip access-group 2100 'in' with the same bad

EI:Enterprise Image

As support to be able to tell how I should set up? Need that particular image?

Asked Zhiding
[ Closed window ]


 Privacy Policy  Copyright © 1999-2000 LSLNET.COM. All rights reserved. Blue Forest website owners. E-mail : Webmaster@lslnet.com