It is currently Wed Oct 18, 2017 1:59 am


All times are UTC




Post new topic Reply to topic  [ 2 posts ] 
Author Message
 Post subject: Access-list and Switching Module
PostPosted: Sun Oct 05, 2014 12:07 pm 
Offline

Joined: Sun Oct 05, 2014 11:55 am
Posts: 1
I configured R8:

R8(config)#access-list 101 deny ip any any
R8(config)#interface FastEthernet 1/1
R8(config-if)#ip access-group 101 in

-> R1 still can ping R2. :-(




Attachments:
Unbenannt.png
Unbenannt.png [ 15.24 KiB | Viewed 30788 times ]
Top
 Profile  
 
 Post subject: Re: Access-list and Switching Module
PostPosted: Sun Oct 05, 2014 8:48 pm 
Offline

Joined: Fri Mar 05, 2010 11:33 am
Posts: 1494
Location: Australia
Your problem is a fundamental one that requires understanding of the OSI model.

interface f1/1 on R8 is a port on a LAYER 2 switch. Yes, that switch MAY be living in a slot on a router, but it is a switch. It makes switching decisions based on LAYER 2 MAC addresses. It does not even know care the packets that arrive are IP, IPv6 or even IPX

But your access list is asking for traffic to be denied based on LAYER 3 protocol information.
Quote:
R8(config-if)#ip access-group 101 in


Some of the newer Nexus gear from Cisco supports PACLS (Port Access Control Lists) where you actually can do that kind of stuff. To emulate that in GNS3 you'd need to use a Nexus 1000V see https://learningnetwork.cisco.com/message/431451#431451



_________________
RedNectar
http://rednectar.net
@rednectarchris
GNS3 WorkBench-a VMware image of Ubuntu with GNS3 and VPCS installed and a collection of exercises/labs


Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  [ 2 posts ] 

All times are UTC


Who is online

Users browsing this forum: No registered users and 1 guest


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB® Forum Software © phpBB Group

phpBB SEO