29-24
Catalyst2950 and Catalyst2955 Switch Software Configuration Guide
78-11380-10
Chapter29 Configuring Network Security with ACLs
Examples for Compiling ACLs
Figure29-2 Using Switch ACLs to Control Traffic
This example uses a standard ACL to allow access to a specific Internet host with the address
172.20.128.64.
Switch(config)# access-list 6 permit 172.20.128.64 0.0.0.0
Switch(config)# end
Switch(config)# interface gigabitethernet0/1
Switch(config-if)# ip access-group 6 in
This example uses an extended ACL to deny traffic from port 80 (HTTP). It per mits al l ot her ty pes of
traffic.
Switch(config)# access-list 106 deny tcp any any eq 80
Switch(config)# access-list 106 permit ip any any
Switch(config)# interface gigabitethernet0/2
Switch(config-if)# ip access-group 106 in
Cisco router
Workstation
End
workstations
65289
Internet