[c-nsp] configuring access-list on 3550
a. Rahman Isnaini r. Sutan
risnaini at indo.net.id
Tue Jul 4 10:05:56 EDT 2006
What about breakdown the 'permit IP' in to 'permit TCP/UDP' with log
enabled.
You could then catch this voip traffic in another way.. :-?
-- a.RI.r.sutan
----- Original Message -----
From: "Prit Patel" <shahtejal at gmail.com>
To: "NSP List" <cisco-nsp at puck.nether.net>
Sent: Tuesday, July 04, 2006 8:24 PM
Subject: [c-nsp] configuring access-list on 3550
: hello all,
:
: I m configuring 3550 with access-list and applied that ACL on one of the
: interface which is configured in routing mode.
: But i m not able to see any match on the acl. Its showing match only on
: permit ip any any statement.
:
: I m running c3550-i5q3l2-mz.121-22.EA7.bin image on this switch.
:
: Below is the acl
: access-list 101 deny tcp any any range 1718 1721
: access-list 101 deny tcp any any range 5060 5061
: access-list 101 deny udp any any range 1718 1721
: access-list 101 deny udp any any range 5060 5061
: access-list 101 permit ip any any
:
: I have applied it on interface as incoming acl
:
: Int F0/21
: ip access-group 101 in
:
:
: Did i made any mistake in this config ?
:
:
: Regards
: Prit
: _______________________________________________
: cisco-nsp mailing list cisco-nsp at puck.nether.net
: https://puck.nether.net/mailman/listinfo/cisco-nsp
: archive at http://puck.nether.net/pipermail/cisco-nsp/
:
:
More information about the cisco-nsp
mailing list